Your submission was sent successfully! Close

USN-694-1: libvirt vulnerability

18 December 2008

libvirt vulnerability

Releases

Packages

Details

It was discovered that libvirt did not mark certain operations as read-only. A
local attacker may be able to perform privileged actions such as migrating
virtual machines, adjusting autostart flags, or accessing privileged data in
the virtual machine memory and disks.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 8.10
Ubuntu 8.04
Ubuntu 7.10

In general, a standard system upgrade is sufficient to effect the
necessary changes.

References