Redhat: >> Libvirt >> 0.8.3 Security Vulnerabilities
libvirt, possibly before 0.9.12, does not properly assign USB devices to virtual machines when multiple devices have the same vendor and product ID, which might cause the wrong device to be associated with a guest and might allow local users to access unintended USB devices.
CVSS Score
3.7
EPSS Score
0.001
Published
2012-06-17
Integer overflow in libvirt before 0.9.3 allows remote authenticated users to cause a denial of service (libvirtd crash) and possibly execute arbitrary code via a crafted VirDomainGetVcpus RPC call that triggers memory corruption.
CVSS Score
4.0
EPSS Score
0.028
Published
2011-08-10
libvirtd in libvirt before 0.9.0 does not use thread-safe error reporting, which allows remote attackers to cause a denial of service (crash) by causing multiple threads to report errors at the same time.
CVSS Score
3.3
EPSS Score
0.009
Published
2011-05-31
Page 4