Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6.5
CVSSv3

CVE-2020-10703

Published: 02/06/2020 Updated: 01/04/2024
CVSS v2 Base Score: 4 | Impact Score: 2.9 | Exploitability Score: 8
CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8
VMScore: 356
Vector: AV:N/AC:L/Au:S/C:N/I:N/A:P
Subscribe to Redhat

Vulnerability Summary

It exists that libvirt incorrectly handled an active pool without a target path. A remote attacker could possibly use this issue to cause libvirt to crash, resulting in a denial of service. (CVE-2020-10703)

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

redhat libvirt

Vendor Advisories

Ubuntu Security Notice: libvirt vulnerabilities
Several security issues were fixed in libvirt ...
Red Hat: Moderate: libvirt security and bug fix update
Synopsis Moderate: libvirt security and bug fix update Type/Severity Security Advisory: Moderate Topic An update for libvirt is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS) ba ...
Red Hat: Moderate: virt:rhel and virt-devel:rhel security, bug fix, and enhancement update
Synopsis Moderate: virt:rhel and virt-devel:rhel security, bug fix, and enhancement update Type/Severity Security Advisory: Moderate Topic An update for the virt:rhel and virt-devel:rhel modules is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated this update as having a securi ...
Amazon Linux 2: ALAS2-2020-1557
A flaw was found in the way the libvirtd daemon issued the 'suspend' command to a QEMU guest-agent running inside a guest, where it holds a monitor job while issuing the 'suspend' command to a guest-agent A malicious guest-agent may use this flaw to block the libvirt daemon indefinitely, resulting in a denial of service (CVE-2019-20485) A NULL po ...
Arch Linux Issues:
A NULL pointer dereference was found in the libvirt API responsible introduced in upstream version 3100, and fixed in libvirt 600, for fetching a storage pool based on its target path In more detail, this flaw affects storage pools created without a target path such as network-based pools like gluster and RBD Unprivileged users with a read-on ...

References

CWE-476https://bugzilla.redhat.com/show_bug.cgi?id=1790725https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10703https://security.netapp.com/advisory/ntap-20200608-0005/https://libvirt.org/git/?p=libvirt.git%3Ba=commit%3Bh=dfff16a7c261f8d28e3abe60a47165f845fa952fhttps://libvirt.org/git/?p=libvirt.git%3Ba=commit%3Bh=5d5c732d748d644ec14626bce448e84bdc4bd93ehttps://libvirt.org/git/?p=libvirt.git%3Ba=commit%3Bh=7aa0e8c0cb8a6293d0c6f7e3d29c13b96dec2129https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D5GE6ISYUL3CIWO3FQRUGMKTKP2NYED2/https://lists.debian.org/debian-lts-announce/2024/04/msg00000.htmlhttps://usn.ubuntu.com/4371-1/https://nvd.nist.gov
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322CVE-2006-4304wirelessCVE-2023-23022local file inclusionCVE-2024-27058CVE-2024-33820open redirectCVE-2024-27079
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook