libvirt: Multiple vulnerabilities
Multiple vulnerabilities have been found in libvirt, worst of which
allows context-dependent attackers to escalate privileges.
libvirt
December 08, 2014
December 08, 2014: 1
483048
484014
485520
487684
489374
494072
496204
498534
502232
504996
509858
524184
528440
local, remote
1.2.9-r2
1.2.9-r2
libvirt is a C toolkit for manipulating virtual machines.
Multiple vulnerabilities have been discovered in libvirt. Please review
the CVE identifiers referenced below for details.
A remote attacker may be able to cause a Denial of Service or cause
information leakage. A local attacker may be able to escalate privileges,
cause a Denial of Service or possibly execute arbitrary code.
There is no known workaround at this time.
All libvirt users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=app-emulation/libvirt-1.2.9-r2"
CVE-2013-4292
CVE-2013-4296
CVE-2013-4297
CVE-2013-4399
CVE-2013-4400
CVE-2013-4401
CVE-2013-5651
CVE-2013-6436
CVE-2013-6456
CVE-2013-6457
CVE-2013-6458
CVE-2013-7336
CVE-2014-0028
CVE-2014-0179
CVE-2014-1447
CVE-2014-3633
CVE-2014-5177
CVE-2014-7823
pinkbyte
pinkbyte