CVE-2020-25637

06.10.2020, 14:15

A double free memory issue was found to occur in the libvirt API, in versions before 6.8.0, responsible for requesting information about network interfaces of a running QEMU domain. This flaw affects the polkit access control driver. Specifically, clients connecting to the read-write socket with limited ACL permissions could use this flaw to crash the libvirt daemon, resulting in a denial of service, or potentially escalate their privileges on the system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	6.7 MEDIUM	LOCAL	LOW	HIGH	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Base Score

CVSS 3.x

EPSS Score

Percentile: 30%

Affected Products (NVD)

Vendor	Product	Version
redhat	libvirt	𝑥 < 6.8.0
opensuse	leap	15.1
opensuse	leap	15.2

𝑥

= Vulnerable software versions

Debian Releases

Debian Product

Codename

libvirt

bookworm	9.0.0-4+deb12u1 fixed
bullseye	7.0.0-3+deb11u3 fixed
sid	10.9.0-1 fixed
trixie	10.9.0-1 fixed

Ubuntu Releases

Ubuntu Product

Codename

libvirt

bionic	Fixed 4.0.0-1ubuntu8.21 released
focal	Fixed 6.0.0-0ubuntu8.16 released
groovy	ignored
hirsute	not-affected
impish	not-affected
jammy	not-affected
kinetic	not-affected
lunar	not-affected
mantic	not-affected
noble	not-affected
trusty	needed
xenial	needed

openSUSE / SLES Releases

openSUSE Product

Release

libvirt

suse enterprise sap 12 SP5	5.1.0-13.19.1 fixed
suse enterprise sap 15 SP1	5.1.0-8.24.1 fixed
suse enterprise sap 15 SP2	6.0.0-13.8.1 fixed
suse enterprise sap 15 SP3	7.1.0-4.1 fixed
suse enterprise sap 15 SP4	8.0.0-150400.5.8 fixed
suse enterprise sap 15 SP7	11.0.0-150700.2.3 fixed
suse enterprise server 12 SP2	2.0.0-27.64.1 fixed
suse enterprise server 12 SP3	3.3.0-5.46.1 fixed
suse enterprise server 12 SP4	4.0.0-8.23.1 fixed
suse enterprise server 12 SP5	5.1.0-13.19.1 fixed
suse enterprise server 15	4.0.0-9.35.1 fixed
suse enterprise server 15 SP1	5.1.0-8.24.1 fixed
suse enterprise server 15 SP2	6.0.0-13.8.1 fixed
suse enterprise server 15 SP3	7.1.0-4.1 fixed
suse enterprise server 15 SP4	8.0.0-150400.5.8 fixed
suse enterprise server 15 SP7	11.0.0-150700.2.3 fixed

libvirt-admin

suse enterprise sap 12 SP5	5.1.0-13.19.1 fixed
suse enterprise sap 15 SP1	5.1.0-8.24.1 fixed
suse enterprise sap 15 SP2	6.0.0-13.8.1 fixed
suse enterprise sap 15 SP3	7.1.0-4.1 fixed
suse enterprise server 12 SP3	3.3.0-5.46.1 fixed
suse enterprise server 12 SP4	4.0.0-8.23.1 fixed
suse enterprise server 12 SP5	5.1.0-13.19.1 fixed
suse enterprise server 15	4.0.0-9.35.1 fixed
suse enterprise server 15 SP1	5.1.0-8.24.1 fixed
suse enterprise server 15 SP2	6.0.0-13.8.1 fixed
suse enterprise server 15 SP3	7.1.0-4.1 fixed

libvirt-bash-completion

suse enterprise sap 15 SP1	5.1.0-8.24.1 fixed
suse enterprise sap 15 SP2	6.0.0-13.8.1 fixed
suse enterprise sap 15 SP3	7.1.0-4.1 fixed
suse enterprise sap 15 SP4	7.1.0-150300.6.29.1 fixed
suse enterprise server 15 SP1	5.1.0-8.24.1 fixed
suse enterprise server 15 SP2	6.0.0-13.8.1 fixed
suse enterprise server 15 SP3	7.1.0-4.1 fixed
suse enterprise server 15 SP4	7.1.0-150300.6.29.1 fixed

libvirt-client

suse enterprise sap 12 SP5	5.1.0-13.19.1 fixed
suse enterprise sap 15 SP1	5.1.0-8.24.1 fixed
suse enterprise sap 15 SP2	6.0.0-13.8.1 fixed
suse enterprise sap 15 SP3	7.1.0-4.1 fixed
suse enterprise sap 15 SP4	8.0.0-150400.5.8 fixed
suse enterprise sap 15 SP7	11.0.0-150700.2.3 fixed
suse enterprise server 12 SP2	2.0.0-27.64.1 fixed
suse enterprise server 12 SP3	3.3.0-5.46.1 fixed
suse enterprise server 12 SP4	4.0.0-8.23.1 fixed
suse enterprise server 12 SP5	5.1.0-13.19.1 fixed
suse enterprise server 15	4.0.0-9.35.1 fixed
suse enterprise server 15 SP1	5.1.0-8.24.1 fixed
suse enterprise server 15 SP2	6.0.0-13.8.1 fixed
suse enterprise server 15 SP3	7.1.0-4.1 fixed
suse enterprise server 15 SP4	8.0.0-150400.5.8 fixed
suse enterprise server 15 SP7	11.0.0-150700.2.3 fixed

libvirt-client-qemu

suse enterprise sap 15 SP7	11.0.0-150700.2.3 fixed
suse enterprise server 15 SP7	11.0.0-150700.2.3 fixed

libvirt-daemon

suse enterprise sap 12 SP5	5.1.0-13.19.1 fixed
suse enterprise sap 15 SP1	5.1.0-8.24.1 fixed
suse enterprise sap 15 SP2	6.0.0-13.8.1 fixed
suse enterprise sap 15 SP3	7.1.0-4.1 fixed
suse enterprise sap 15 SP4	8.0.0-150400.5.8 fixed
suse enterprise sap 15 SP7	11.0.0-150700.2.3 fixed
suse enterprise server 12 SP2	2.0.0-27.64.1 fixed
suse enterprise server 12 SP3	3.3.0-5.46.1 fixed
suse enterprise server 12 SP4	4.0.0-8.23.1 fixed
suse enterprise server 12 SP5	5.1.0-13.19.1 fixed
suse enterprise server 15	4.0.0-9.35.1 fixed
suse enterprise server 15 SP1	5.1.0-8.24.1 fixed
suse enterprise server 15 SP2	6.0.0-13.8.1 fixed
suse enterprise server 15 SP3	7.1.0-4.1 fixed
suse enterprise server 15 SP4	8.0.0-150400.5.8 fixed
suse enterprise server 15 SP7	11.0.0-150700.2.3 fixed

libvirt-daemon-common

suse enterprise sap 15 SP7	11.0.0-150700.2.3 fixed
suse enterprise server 15 SP7	11.0.0-150700.2.3 fixed

libvirt-daemon-config-network

suse enterprise sap 12 SP5	5.1.0-13.19.1 fixed
suse enterprise sap 15 SP1	5.1.0-8.24.1 fixed
suse enterprise sap 15 SP2	6.0.0-13.8.1 fixed
suse enterprise sap 15 SP3	7.1.0-4.1 fixed
suse enterprise sap 15 SP4	8.0.0-150400.5.8 fixed
suse enterprise sap 15 SP7	11.0.0-150700.2.3 fixed
suse enterprise server 12 SP2	2.0.0-27.64.1 fixed
suse enterprise server 12 SP3	3.3.0-5.46.1 fixed
suse enterprise server 12 SP4	4.0.0-8.23.1 fixed
suse enterprise server 12 SP5	5.1.0-13.19.1 fixed
suse enterprise server 15	4.0.0-9.35.1 fixed
suse enterprise server 15 SP1	5.1.0-8.24.1 fixed
suse enterprise server 15 SP2	6.0.0-13.8.1 fixed
suse enterprise server 15 SP3	7.1.0-4.1 fixed
suse enterprise server 15 SP4	8.0.0-150400.5.8 fixed
suse enterprise server 15 SP7	11.0.0-150700.2.3 fixed

libvirt-daemon-config-nwfilter

suse enterprise sap 12 SP5	5.1.0-13.19.1 fixed
suse enterprise sap 15 SP1	5.1.0-8.24.1 fixed
suse enterprise sap 15 SP2	6.0.0-13.8.1 fixed
suse enterprise sap 15 SP3	7.1.0-4.1 fixed
suse enterprise sap 15 SP4	8.0.0-150400.5.8 fixed
suse enterprise sap 15 SP7	11.0.0-150700.2.3 fixed
suse enterprise server 12 SP2	2.0.0-27.64.1 fixed
suse enterprise server 12 SP3	3.3.0-5.46.1 fixed
suse enterprise server 12 SP4	4.0.0-8.23.1 fixed
suse enterprise server 12 SP5	5.1.0-13.19.1 fixed
suse enterprise server 15	4.0.0-9.35.1 fixed
suse enterprise server 15 SP1	5.1.0-8.24.1 fixed
suse enterprise server 15 SP2	6.0.0-13.8.1 fixed
suse enterprise server 15 SP3	7.1.0-4.1 fixed
suse enterprise server 15 SP4	8.0.0-150400.5.8 fixed
suse enterprise server 15 SP7	11.0.0-150700.2.3 fixed

libvirt-daemon-driver-interface

suse enterprise sap 12 SP5	5.1.0-13.19.1 fixed
suse enterprise sap 15 SP1	5.1.0-8.24.1 fixed
suse enterprise sap 15 SP2	6.0.0-13.8.1 fixed
suse enterprise sap 15 SP3	7.1.0-4.1 fixed
suse enterprise sap 15 SP4	8.0.0-150400.5.8 fixed
suse enterprise sap 15 SP7	11.0.0-150700.2.3 fixed
suse enterprise server 12 SP2	2.0.0-27.64.1 fixed
suse enterprise server 12 SP3	3.3.0-5.46.1 fixed
suse enterprise server 12 SP4	4.0.0-8.23.1 fixed
suse enterprise server 12 SP5	5.1.0-13.19.1 fixed
suse enterprise server 15	4.0.0-9.35.1 fixed
suse enterprise server 15 SP1	5.1.0-8.24.1 fixed
suse enterprise server 15 SP2	6.0.0-13.8.1 fixed
suse enterprise server 15 SP3	7.1.0-4.1 fixed
suse enterprise server 15 SP4	8.0.0-150400.5.8 fixed
suse enterprise server 15 SP7	11.0.0-150700.2.3 fixed

libvirt-daemon-driver-libxl

suse enterprise sap 12 SP5	5.1.0-13.19.1 fixed
suse enterprise sap 15 SP1	5.1.0-8.24.1 fixed
suse enterprise sap 15 SP2	6.0.0-13.8.1 fixed
suse enterprise sap 15 SP3	7.1.0-4.1 fixed
suse enterprise sap 15 SP4	8.0.0-150400.5.8 fixed
suse enterprise sap 15 SP7	11.0.0-150700.2.3 fixed
suse enterprise server 12 SP2	2.0.0-27.64.1 fixed
suse enterprise server 12 SP3	3.3.0-5.46.1 fixed
suse enterprise server 12 SP4	4.0.0-8.23.1 fixed
suse enterprise server 12 SP5	5.1.0-13.19.1 fixed
suse enterprise server 15	4.0.0-9.35.1 fixed
suse enterprise server 15 SP1	5.1.0-8.24.1 fixed
suse enterprise server 15 SP2	6.0.0-13.8.1 fixed
suse enterprise server 15 SP3	7.1.0-4.1 fixed
suse enterprise server 15 SP4	8.0.0-150400.5.8 fixed
suse enterprise server 15 SP7	11.0.0-150700.2.3 fixed

libvirt-daemon-driver-lxc

suse enterprise sap 12 SP5	5.1.0-13.19.1 fixed
suse enterprise sap 15 SP1	5.1.0-8.24.1 fixed
suse enterprise sap 15 SP2	6.0.0-13.8.1 fixed
suse enterprise sap 15 SP3	7.1.0-4.1 fixed
suse enterprise server 12 SP2	2.0.0-27.64.1 fixed
suse enterprise server 12 SP3	3.3.0-5.46.1 fixed
suse enterprise server 12 SP4	4.0.0-8.23.1 fixed
suse enterprise server 12 SP5	5.1.0-13.19.1 fixed
suse enterprise server 15	4.0.0-9.35.1 fixed
suse enterprise server 15 SP1	5.1.0-8.24.1 fixed
suse enterprise server 15 SP2	6.0.0-13.8.1 fixed
suse enterprise server 15 SP3	7.1.0-4.1 fixed

libvirt-daemon-driver-network

suse enterprise sap 12 SP5	5.1.0-13.19.1 fixed
suse enterprise sap 15 SP1	5.1.0-8.24.1 fixed
suse enterprise sap 15 SP2	6.0.0-13.8.1 fixed
suse enterprise sap 15 SP3	7.1.0-4.1 fixed
suse enterprise sap 15 SP4	8.0.0-150400.5.8 fixed
suse enterprise sap 15 SP7	11.0.0-150700.2.3 fixed
suse enterprise server 12 SP2	2.0.0-27.64.1 fixed
suse enterprise server 12 SP3	3.3.0-5.46.1 fixed
suse enterprise server 12 SP4	4.0.0-8.23.1 fixed
suse enterprise server 12 SP5	5.1.0-13.19.1 fixed
suse enterprise server 15	4.0.0-9.35.1 fixed
suse enterprise server 15 SP1	5.1.0-8.24.1 fixed
suse enterprise server 15 SP2	6.0.0-13.8.1 fixed
suse enterprise server 15 SP3	7.1.0-4.1 fixed
suse enterprise server 15 SP4	8.0.0-150400.5.8 fixed
suse enterprise server 15 SP7	11.0.0-150700.2.3 fixed

libvirt-daemon-driver-nodedev

suse enterprise sap 12 SP5	5.1.0-13.19.1 fixed
suse enterprise sap 15 SP1	5.1.0-8.24.1 fixed
suse enterprise sap 15 SP2	6.0.0-13.8.1 fixed
suse enterprise sap 15 SP3	7.1.0-4.1 fixed
suse enterprise sap 15 SP4	8.0.0-150400.5.8 fixed
suse enterprise sap 15 SP7	11.0.0-150700.2.3 fixed
suse enterprise server 12 SP2	2.0.0-27.64.1 fixed
suse enterprise server 12 SP3	3.3.0-5.46.1 fixed
suse enterprise server 12 SP4	4.0.0-8.23.1 fixed
suse enterprise server 12 SP5	5.1.0-13.19.1 fixed
suse enterprise server 15	4.0.0-9.35.1 fixed
suse enterprise server 15 SP1	5.1.0-8.24.1 fixed
suse enterprise server 15 SP2	6.0.0-13.8.1 fixed
suse enterprise server 15 SP3	7.1.0-4.1 fixed
suse enterprise server 15 SP4	8.0.0-150400.5.8 fixed
suse enterprise server 15 SP7	11.0.0-150700.2.3 fixed

libvirt-daemon-driver-nwfilter

suse enterprise sap 12 SP5	5.1.0-13.19.1 fixed
suse enterprise sap 15 SP1	5.1.0-8.24.1 fixed
suse enterprise sap 15 SP2	6.0.0-13.8.1 fixed
suse enterprise sap 15 SP3	7.1.0-4.1 fixed
suse enterprise sap 15 SP4	8.0.0-150400.5.8 fixed
suse enterprise sap 15 SP7	11.0.0-150700.2.3 fixed
suse enterprise server 12 SP2	2.0.0-27.64.1 fixed
suse enterprise server 12 SP3	3.3.0-5.46.1 fixed
suse enterprise server 12 SP4	4.0.0-8.23.1 fixed
suse enterprise server 12 SP5	5.1.0-13.19.1 fixed
suse enterprise server 15	4.0.0-9.35.1 fixed
suse enterprise server 15 SP1	5.1.0-8.24.1 fixed
suse enterprise server 15 SP2	6.0.0-13.8.1 fixed
suse enterprise server 15 SP3	7.1.0-4.1 fixed
suse enterprise server 15 SP4	8.0.0-150400.5.8 fixed
suse enterprise server 15 SP7	11.0.0-150700.2.3 fixed

libvirt-daemon-driver-qemu

suse enterprise sap 12 SP5	5.1.0-13.19.1 fixed
suse enterprise sap 15 SP1	5.1.0-8.24.1 fixed
suse enterprise sap 15 SP2	6.0.0-13.8.1 fixed
suse enterprise sap 15 SP3	7.1.0-4.1 fixed
suse enterprise sap 15 SP4	8.0.0-150400.5.8 fixed
suse enterprise sap 15 SP7	11.0.0-150700.2.3 fixed
suse enterprise server 12 SP2	2.0.0-27.64.1 fixed
suse enterprise server 12 SP3	3.3.0-5.46.1 fixed
suse enterprise server 12 SP4	4.0.0-8.23.1 fixed
suse enterprise server 12 SP5	5.1.0-13.19.1 fixed
suse enterprise server 15	4.0.0-9.35.1 fixed
suse enterprise server 15 SP1	5.1.0-8.24.1 fixed
suse enterprise server 15 SP2	6.0.0-13.8.1 fixed
suse enterprise server 15 SP3	7.1.0-4.1 fixed
suse enterprise server 15 SP4	8.0.0-150400.5.8 fixed
suse enterprise server 15 SP7	11.0.0-150700.2.3 fixed

libvirt-daemon-driver-secret

suse enterprise sap 12 SP5	5.1.0-13.19.1 fixed
suse enterprise sap 15 SP1	5.1.0-8.24.1 fixed
suse enterprise sap 15 SP2	6.0.0-13.8.1 fixed
suse enterprise sap 15 SP3	7.1.0-4.1 fixed
suse enterprise sap 15 SP4	8.0.0-150400.5.8 fixed
suse enterprise sap 15 SP7	11.0.0-150700.2.3 fixed
suse enterprise server 12 SP2	2.0.0-27.64.1 fixed
suse enterprise server 12 SP3	3.3.0-5.46.1 fixed
suse enterprise server 12 SP4	4.0.0-8.23.1 fixed
suse enterprise server 12 SP5	5.1.0-13.19.1 fixed
suse enterprise server 15	4.0.0-9.35.1 fixed
suse enterprise server 15 SP1	5.1.0-8.24.1 fixed
suse enterprise server 15 SP2	6.0.0-13.8.1 fixed
suse enterprise server 15 SP3	7.1.0-4.1 fixed
suse enterprise server 15 SP4	8.0.0-150400.5.8 fixed
suse enterprise server 15 SP7	11.0.0-150700.2.3 fixed

libvirt-daemon-driver-storage

suse enterprise sap 12 SP5	5.1.0-13.19.1 fixed
suse enterprise sap 15 SP1	5.1.0-8.24.1 fixed
suse enterprise sap 15 SP2	6.0.0-13.8.1 fixed
suse enterprise sap 15 SP3	7.1.0-4.1 fixed
suse enterprise sap 15 SP4	8.0.0-150400.5.8 fixed
suse enterprise sap 15 SP7	11.0.0-150700.2.3 fixed
suse enterprise server 12 SP2	2.0.0-27.64.1 fixed
suse enterprise server 12 SP3	3.3.0-5.46.1 fixed
suse enterprise server 12 SP4	4.0.0-8.23.1 fixed
suse enterprise server 12 SP5	5.1.0-13.19.1 fixed
suse enterprise server 15	4.0.0-9.35.1 fixed
suse enterprise server 15 SP1	5.1.0-8.24.1 fixed
suse enterprise server 15 SP2	6.0.0-13.8.1 fixed
suse enterprise server 15 SP3	7.1.0-4.1 fixed
suse enterprise server 15 SP4	8.0.0-150400.5.8 fixed
suse enterprise server 15 SP7	11.0.0-150700.2.3 fixed

libvirt-daemon-driver-storage-core

suse enterprise sap 12 SP5	5.1.0-13.19.1 fixed
suse enterprise sap 15 SP1	5.1.0-8.24.1 fixed
suse enterprise sap 15 SP2	6.0.0-13.8.1 fixed
suse enterprise sap 15 SP3	7.1.0-4.1 fixed
suse enterprise sap 15 SP4	8.0.0-150400.5.8 fixed
suse enterprise sap 15 SP7	11.0.0-150700.2.3 fixed
suse enterprise server 12 SP3	3.3.0-5.46.1 fixed
suse enterprise server 12 SP4	4.0.0-8.23.1 fixed
suse enterprise server 12 SP5	5.1.0-13.19.1 fixed
suse enterprise server 15	4.0.0-9.35.1 fixed
suse enterprise server 15 SP1	5.1.0-8.24.1 fixed
suse enterprise server 15 SP2	6.0.0-13.8.1 fixed
suse enterprise server 15 SP3	7.1.0-4.1 fixed
suse enterprise server 15 SP4	8.0.0-150400.5.8 fixed
suse enterprise server 15 SP7	11.0.0-150700.2.3 fixed

libvirt-daemon-driver-storage-disk

suse enterprise sap 12 SP5	5.1.0-13.19.1 fixed
suse enterprise sap 15 SP1	5.1.0-8.24.1 fixed
suse enterprise sap 15 SP2	6.0.0-13.8.1 fixed
suse enterprise sap 15 SP3	7.1.0-4.1 fixed
suse enterprise sap 15 SP4	8.0.0-150400.5.8 fixed
suse enterprise sap 15 SP7	11.0.0-150700.2.3 fixed
suse enterprise server 12 SP3	3.3.0-5.46.1 fixed
suse enterprise server 12 SP4	4.0.0-8.23.1 fixed
suse enterprise server 12 SP5	5.1.0-13.19.1 fixed
suse enterprise server 15	4.0.0-9.35.1 fixed
suse enterprise server 15 SP1	5.1.0-8.24.1 fixed
suse enterprise server 15 SP2	6.0.0-13.8.1 fixed
suse enterprise server 15 SP3	7.1.0-4.1 fixed
suse enterprise server 15 SP4	8.0.0-150400.5.8 fixed
suse enterprise server 15 SP7	11.0.0-150700.2.3 fixed

libvirt-daemon-driver-storage-iscsi

suse enterprise sap 12 SP5	5.1.0-13.19.1 fixed
suse enterprise sap 15 SP1	5.1.0-8.24.1 fixed
suse enterprise sap 15 SP2	6.0.0-13.8.1 fixed
suse enterprise sap 15 SP3	7.1.0-4.1 fixed
suse enterprise sap 15 SP4	8.0.0-150400.5.8 fixed
suse enterprise sap 15 SP7	11.0.0-150700.2.3 fixed
suse enterprise server 12 SP3	3.3.0-5.46.1 fixed
suse enterprise server 12 SP4	4.0.0-8.23.1 fixed
suse enterprise server 12 SP5	5.1.0-13.19.1 fixed
suse enterprise server 15	4.0.0-9.35.1 fixed
suse enterprise server 15 SP1	5.1.0-8.24.1 fixed
suse enterprise server 15 SP2	6.0.0-13.8.1 fixed
suse enterprise server 15 SP3	7.1.0-4.1 fixed
suse enterprise server 15 SP4	8.0.0-150400.5.8 fixed
suse enterprise server 15 SP7	11.0.0-150700.2.3 fixed

libvirt-daemon-driver-storage-iscsi-direct

suse enterprise sap 15 SP3	7.1.0-4.1 fixed
suse enterprise sap 15 SP4	8.0.0-150400.5.8 fixed
suse enterprise sap 15 SP7	11.0.0-150700.2.3 fixed
suse enterprise server 15 SP3	7.1.0-4.1 fixed
suse enterprise server 15 SP4	8.0.0-150400.5.8 fixed
suse enterprise server 15 SP7	11.0.0-150700.2.3 fixed

libvirt-daemon-driver-storage-logical

suse enterprise sap 12 SP5	5.1.0-13.19.1 fixed
suse enterprise sap 15 SP1	5.1.0-8.24.1 fixed
suse enterprise sap 15 SP2	6.0.0-13.8.1 fixed
suse enterprise sap 15 SP3	7.1.0-4.1 fixed
suse enterprise sap 15 SP4	8.0.0-150400.5.8 fixed
suse enterprise sap 15 SP7	11.0.0-150700.2.3 fixed
suse enterprise server 12 SP3	3.3.0-5.46.1 fixed
suse enterprise server 12 SP4	4.0.0-8.23.1 fixed
suse enterprise server 12 SP5	5.1.0-13.19.1 fixed
suse enterprise server 15	4.0.0-9.35.1 fixed
suse enterprise server 15 SP1	5.1.0-8.24.1 fixed
suse enterprise server 15 SP2	6.0.0-13.8.1 fixed
suse enterprise server 15 SP3	7.1.0-4.1 fixed
suse enterprise server 15 SP4	8.0.0-150400.5.8 fixed
suse enterprise server 15 SP7	11.0.0-150700.2.3 fixed

libvirt-daemon-driver-storage-mpath

suse enterprise sap 12 SP5	5.1.0-13.19.1 fixed
suse enterprise sap 15 SP1	5.1.0-8.24.1 fixed
suse enterprise sap 15 SP2	6.0.0-13.8.1 fixed
suse enterprise sap 15 SP3	7.1.0-4.1 fixed
suse enterprise sap 15 SP4	8.0.0-150400.5.8 fixed
suse enterprise sap 15 SP7	11.0.0-150700.2.3 fixed
suse enterprise server 12 SP3	3.3.0-5.46.1 fixed
suse enterprise server 12 SP4	4.0.0-8.23.1 fixed
suse enterprise server 12 SP5	5.1.0-13.19.1 fixed
suse enterprise server 15	4.0.0-9.35.1 fixed
suse enterprise server 15 SP1	5.1.0-8.24.1 fixed
suse enterprise server 15 SP2	6.0.0-13.8.1 fixed
suse enterprise server 15 SP3	7.1.0-4.1 fixed
suse enterprise server 15 SP4	8.0.0-150400.5.8 fixed
suse enterprise server 15 SP7	11.0.0-150700.2.3 fixed

libvirt-daemon-driver-storage-rbd

suse enterprise sap 12 SP5	5.1.0-13.19.1 fixed
suse enterprise sap 15 SP1	5.1.0-8.24.1 fixed
suse enterprise sap 15 SP2	6.0.0-13.8.1 fixed
suse enterprise sap 15 SP3	7.1.0-4.1 fixed
suse enterprise sap 15 SP4	8.0.0-150400.5.8 fixed
suse enterprise sap 15 SP7	11.0.0-150700.2.3 fixed
suse enterprise server 12 SP3	3.3.0-5.46.1 fixed
suse enterprise server 12 SP4	4.0.0-8.23.1 fixed
suse enterprise server 12 SP5	5.1.0-13.19.1 fixed
suse enterprise server 15	4.0.0-9.35.1 fixed
suse enterprise server 15 SP1	5.1.0-8.24.1 fixed
suse enterprise server 15 SP2	6.0.0-13.8.1 fixed
suse enterprise server 15 SP3	7.1.0-4.1 fixed
suse enterprise server 15 SP4	8.0.0-150400.5.8 fixed
suse enterprise server 15 SP7	11.0.0-150700.2.3 fixed

libvirt-daemon-driver-storage-scsi

suse enterprise sap 12 SP5	5.1.0-13.19.1 fixed
suse enterprise sap 15 SP1	5.1.0-8.24.1 fixed
suse enterprise sap 15 SP2	6.0.0-13.8.1 fixed
suse enterprise sap 15 SP3	7.1.0-4.1 fixed
suse enterprise sap 15 SP4	8.0.0-150400.5.8 fixed
suse enterprise sap 15 SP7	11.0.0-150700.2.3 fixed
suse enterprise server 12 SP3	3.3.0-5.46.1 fixed
suse enterprise server 12 SP4	4.0.0-8.23.1 fixed
suse enterprise server 12 SP5	5.1.0-13.19.1 fixed
suse enterprise server 15	4.0.0-9.35.1 fixed
suse enterprise server 15 SP1	5.1.0-8.24.1 fixed
suse enterprise server 15 SP2	6.0.0-13.8.1 fixed
suse enterprise server 15 SP3	7.1.0-4.1 fixed
suse enterprise server 15 SP4	8.0.0-150400.5.8 fixed
suse enterprise server 15 SP7	11.0.0-150700.2.3 fixed

libvirt-daemon-hooks

suse enterprise sap 12 SP5	5.1.0-13.19.1 fixed
suse enterprise sap 15 SP1	5.1.0-8.24.1 fixed
suse enterprise sap 15 SP2	6.0.0-13.8.1 fixed
suse enterprise sap 15 SP3	7.1.0-4.1 fixed
suse enterprise sap 15 SP4	8.0.0-150400.5.8 fixed
suse enterprise sap 15 SP7	11.0.0-150700.2.3 fixed
suse enterprise server 12 SP2	2.0.0-27.64.1 fixed
suse enterprise server 12 SP3	3.3.0-5.46.1 fixed
suse enterprise server 12 SP4	4.0.0-8.23.1 fixed
suse enterprise server 12 SP5	5.1.0-13.19.1 fixed
suse enterprise server 15	4.0.0-9.35.1 fixed
suse enterprise server 15 SP1	5.1.0-8.24.1 fixed
suse enterprise server 15 SP2	6.0.0-13.8.1 fixed
suse enterprise server 15 SP3	7.1.0-4.1 fixed
suse enterprise server 15 SP4	8.0.0-150400.5.8 fixed
suse enterprise server 15 SP7	11.0.0-150700.2.3 fixed

libvirt-daemon-lock

suse enterprise sap 15 SP7	11.0.0-150700.2.3 fixed
suse enterprise server 15 SP7	11.0.0-150700.2.3 fixed

libvirt-daemon-log

suse enterprise sap 15 SP7	11.0.0-150700.2.3 fixed
suse enterprise server 15 SP7	11.0.0-150700.2.3 fixed

libvirt-daemon-lxc

suse enterprise sap 12 SP5	5.1.0-13.19.1 fixed
suse enterprise sap 15 SP1	5.1.0-8.24.1 fixed
suse enterprise sap 15 SP2	6.0.0-13.8.1 fixed
suse enterprise sap 15 SP3	7.1.0-4.1 fixed
suse enterprise server 12 SP2	2.0.0-27.64.1 fixed
suse enterprise server 12 SP3	3.3.0-5.46.1 fixed
suse enterprise server 12 SP4	4.0.0-8.23.1 fixed
suse enterprise server 12 SP5	5.1.0-13.19.1 fixed
suse enterprise server 15	4.0.0-9.35.1 fixed
suse enterprise server 15 SP1	5.1.0-8.24.1 fixed
suse enterprise server 15 SP2	6.0.0-13.8.1 fixed
suse enterprise server 15 SP3	7.1.0-4.1 fixed

libvirt-daemon-plugin-lockd

suse enterprise sap 15 SP7	11.0.0-150700.2.3 fixed
suse enterprise server 15 SP7	11.0.0-150700.2.3 fixed

libvirt-daemon-plugin-sanlock

suse enterprise sap 15 SP7	11.0.0-150700.2.3 fixed
suse enterprise server 15 SP7	11.0.0-150700.2.3 fixed

libvirt-daemon-proxy

suse enterprise sap 15 SP7	11.0.0-150700.2.3 fixed
suse enterprise server 15 SP7	11.0.0-150700.2.3 fixed

libvirt-daemon-qemu

suse enterprise sap 12 SP5	5.1.0-13.19.1 fixed
suse enterprise sap 15 SP1	5.1.0-8.24.1 fixed
suse enterprise sap 15 SP2	6.0.0-13.8.1 fixed
suse enterprise sap 15 SP3	7.1.0-4.1 fixed
suse enterprise sap 15 SP4	8.0.0-150400.5.8 fixed
suse enterprise sap 15 SP7	11.0.0-150700.2.3 fixed
suse enterprise server 12 SP2	2.0.0-27.64.1 fixed
suse enterprise server 12 SP3	3.3.0-5.46.1 fixed
suse enterprise server 12 SP4	4.0.0-8.23.1 fixed
suse enterprise server 12 SP5	5.1.0-13.19.1 fixed
suse enterprise server 15	4.0.0-9.35.1 fixed
suse enterprise server 15 SP1	5.1.0-8.24.1 fixed
suse enterprise server 15 SP2	6.0.0-13.8.1 fixed
suse enterprise server 15 SP3	7.1.0-4.1 fixed
suse enterprise server 15 SP4	8.0.0-150400.5.8 fixed
suse enterprise server 15 SP7	11.0.0-150700.2.3 fixed

libvirt-daemon-xen

suse enterprise sap 12 SP5	5.1.0-13.19.1 fixed
suse enterprise sap 15 SP1	5.1.0-8.24.1 fixed
suse enterprise sap 15 SP2	6.0.0-13.8.1 fixed
suse enterprise sap 15 SP3	7.1.0-4.1 fixed
suse enterprise sap 15 SP4	8.0.0-150400.5.8 fixed
suse enterprise sap 15 SP7	11.0.0-150700.2.3 fixed
suse enterprise server 12 SP2	2.0.0-27.64.1 fixed
suse enterprise server 12 SP3	3.3.0-5.46.1 fixed
suse enterprise server 12 SP4	4.0.0-8.23.1 fixed
suse enterprise server 12 SP5	5.1.0-13.19.1 fixed
suse enterprise server 15	4.0.0-9.35.1 fixed
suse enterprise server 15 SP1	5.1.0-8.24.1 fixed
suse enterprise server 15 SP2	6.0.0-13.8.1 fixed
suse enterprise server 15 SP3	7.1.0-4.1 fixed
suse enterprise server 15 SP4	8.0.0-150400.5.8 fixed
suse enterprise server 15 SP7	11.0.0-150700.2.3 fixed

libvirt-devel

suse enterprise sap 15 SP1	5.1.0-8.24.1 fixed
suse enterprise sap 15 SP2	6.0.0-13.8.1 fixed
suse enterprise sap 15 SP3	7.1.0-4.1 fixed
suse enterprise sap 15 SP4	8.0.0-150400.5.8 fixed
suse enterprise sap 15 SP7	11.0.0-150700.2.3 fixed
suse enterprise server 15	4.0.0-9.35.1 fixed
suse enterprise server 15 SP1	5.1.0-8.24.1 fixed
suse enterprise server 15 SP2	6.0.0-13.8.1 fixed
suse enterprise server 15 SP3	7.1.0-4.1 fixed
suse enterprise server 15 SP4	8.0.0-150400.5.8 fixed
suse enterprise server 15 SP7	11.0.0-150700.2.3 fixed

libvirt-doc

suse enterprise sap 12 SP5	5.1.0-13.19.1 fixed
suse enterprise sap 15 SP1	5.1.0-8.24.1 fixed
suse enterprise sap 15 SP2	6.0.0-13.8.1 fixed
suse enterprise sap 15 SP3	7.1.0-4.1 fixed
suse enterprise sap 15 SP4	8.0.0-150400.5.8 fixed
suse enterprise sap 15 SP7	11.0.0-150700.2.3 fixed
suse enterprise server 12 SP2	2.0.0-27.64.1 fixed
suse enterprise server 12 SP3	3.3.0-5.46.1 fixed
suse enterprise server 12 SP4	4.0.0-8.23.1 fixed
suse enterprise server 12 SP5	5.1.0-13.19.1 fixed
suse enterprise server 15	4.0.0-9.35.1 fixed
suse enterprise server 15 SP1	5.1.0-8.24.1 fixed
suse enterprise server 15 SP2	6.0.0-13.8.1 fixed
suse enterprise server 15 SP3	7.1.0-4.1 fixed
suse enterprise server 15 SP4	8.0.0-150400.5.8 fixed
suse enterprise server 15 SP7	11.0.0-150700.2.3 fixed

libvirt-libs

suse enterprise sap 12 SP5	5.1.0-13.19.1 fixed
suse enterprise server 12 SP3	3.3.0-5.46.1 fixed
suse enterprise server 12 SP4	4.0.0-8.23.1 fixed
suse enterprise server 12 SP5	5.1.0-13.19.1 fixed
suse enterprise server 15	4.0.0-9.35.1 fixed

libvirt-lock-sanlock

suse enterprise sap 12 SP5	5.1.0-13.19.1 fixed
suse enterprise sap 15 SP1	5.1.0-8.24.1 fixed
suse enterprise sap 15 SP2	6.0.0-13.8.1 fixed
suse enterprise sap 15 SP3	7.1.0-4.1 fixed
suse enterprise sap 15 SP4	8.0.0-150400.5.8 fixed
suse enterprise server 12 SP2	2.0.0-27.64.1 fixed
suse enterprise server 12 SP3	3.3.0-5.46.1 fixed
suse enterprise server 12 SP4	4.0.0-8.23.1 fixed
suse enterprise server 12 SP5	5.1.0-13.19.1 fixed
suse enterprise server 15	4.0.0-9.35.1 fixed
suse enterprise server 15 SP1	5.1.0-8.24.1 fixed
suse enterprise server 15 SP2	6.0.0-13.8.1 fixed
suse enterprise server 15 SP3	7.1.0-4.1 fixed
suse enterprise server 15 SP4	8.0.0-150400.5.8 fixed

libvirt-nss

suse enterprise sap 12 SP5	5.1.0-13.19.1 fixed
suse enterprise sap 15 SP1	5.1.0-8.24.1 fixed
suse enterprise sap 15 SP2	6.0.0-13.8.1 fixed
suse enterprise sap 15 SP3	7.1.0-4.1 fixed
suse enterprise sap 15 SP4	8.0.0-150400.5.8 fixed
suse enterprise sap 15 SP7	11.0.0-150700.2.3 fixed
suse enterprise server 12 SP2	2.0.0-27.64.1 fixed
suse enterprise server 12 SP3	3.3.0-5.46.1 fixed
suse enterprise server 12 SP4	4.0.0-8.23.1 fixed
suse enterprise server 12 SP5	5.1.0-13.19.1 fixed
suse enterprise server 15	4.0.0-9.35.1 fixed
suse enterprise server 15 SP1	5.1.0-8.24.1 fixed
suse enterprise server 15 SP2	6.0.0-13.8.1 fixed
suse enterprise server 15 SP3	7.1.0-4.1 fixed
suse enterprise server 15 SP4	8.0.0-150400.5.8 fixed
suse enterprise server 15 SP7	11.0.0-150700.2.3 fixed

Red Hat Enterprise Linux Releases

Red Hat Product

Release

libvirt

RHEL 7

0:4.5.0-36.el7_9.3

fixed

libvirt-admin

RHEL 7

0:4.5.0-36.el7_9.3

fixed

libvirt-bash-completion

RHEL 7

0:4.5.0-36.el7_9.3

fixed

libvirt-client

RHEL 7

0:4.5.0-36.el7_9.3

fixed

libvirt-daemon

RHEL 7

0:4.5.0-36.el7_9.3

fixed

libvirt-daemon-config-network

RHEL 7

0:4.5.0-36.el7_9.3

fixed

libvirt-daemon-config-nwfilter

RHEL 7

0:4.5.0-36.el7_9.3

fixed

libvirt-daemon-driver-interface

RHEL 7

0:4.5.0-36.el7_9.3

fixed

libvirt-daemon-driver-lxc

RHEL 7

0:4.5.0-36.el7_9.3

fixed

libvirt-daemon-driver-network

RHEL 7

0:4.5.0-36.el7_9.3

fixed

libvirt-daemon-driver-nodedev

RHEL 7

0:4.5.0-36.el7_9.3

fixed

libvirt-daemon-driver-nwfilter

RHEL 7

0:4.5.0-36.el7_9.3

fixed

libvirt-daemon-driver-qemu

RHEL 7

0:4.5.0-36.el7_9.3

fixed

libvirt-daemon-driver-secret

RHEL 7

0:4.5.0-36.el7_9.3

fixed

libvirt-daemon-driver-storage

RHEL 7

0:4.5.0-36.el7_9.3

fixed

libvirt-daemon-driver-storage-core

RHEL 7

0:4.5.0-36.el7_9.3

fixed

libvirt-daemon-driver-storage-disk

RHEL 7

0:4.5.0-36.el7_9.3

fixed

libvirt-daemon-driver-storage-gluster

RHEL 7

0:4.5.0-36.el7_9.3

fixed

libvirt-daemon-driver-storage-iscsi

RHEL 7

0:4.5.0-36.el7_9.3

fixed

libvirt-daemon-driver-storage-logical

RHEL 7

0:4.5.0-36.el7_9.3

fixed

libvirt-daemon-driver-storage-mpath

RHEL 7

0:4.5.0-36.el7_9.3

fixed

libvirt-daemon-driver-storage-rbd

RHEL 7

0:4.5.0-36.el7_9.3

fixed

libvirt-daemon-driver-storage-scsi

RHEL 7

0:4.5.0-36.el7_9.3

fixed

libvirt-daemon-kvm

RHEL 7

0:4.5.0-36.el7_9.3

fixed

libvirt-daemon-lxc

RHEL 7

0:4.5.0-36.el7_9.3

fixed

libvirt-devel

RHEL 7

0:4.5.0-36.el7_9.3

fixed

libvirt-docs

RHEL 7

0:4.5.0-36.el7_9.3

fixed

libvirt-libs

RHEL 7

0:4.5.0-36.el7_9.3

fixed

libvirt-lock-sanlock

RHEL 7

0:4.5.0-36.el7_9.3

fixed

libvirt-login-shell

RHEL 7

0:4.5.0-36.el7_9.3

fixed

libvirt-nss

RHEL 7

0:4.5.0-36.el7_9.3

fixed

Common Weakness Enumeration

CWE-415 - Double Free
The product calls free() twice on the same memory address, potentially leading to modification of unexpected memory locations.

References

http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00072.html

http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00073.html

https://bugzilla.redhat.com/show_bug.cgi?id=1881037

https://lists.debian.org/debian-lts-announce/2024/04/msg00000.html

https://security.gentoo.org/glsa/202210-06

http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00072.html

http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00073.html

https://bugzilla.redhat.com/show_bug.cgi?id=1881037

https://lists.debian.org/debian-lts-announce/2024/04/msg00000.html

https://security.gentoo.org/glsa/202210-06