From: Marc Deslauriers
Date: May 22, 2020 2:46AM
It was discovered that libvirt incorrectly handled an active pool without a
target path. A remote attacker could possibly use this issue to cause
libvirt to crash, resulting in a denial of service. (CVE-2020-10703)
It was discovered that libvirt incorrectly handled memory when retrieving
certain domain statistics. A remote attacker could possibly use this issue
to cause libvirt to consume resources, resulting in a denial of service.
This issue only affected Ubuntu 19.10. (CVE-2020-12430)
References:
https://usn.ubuntu.com/4371-1
CVE-2020-10703, CVE-2020-12430
沒有留言:
張貼留言