Updated libvirt packages fix CVE-2014-8136
Publication date: 05 Jan 2015Modification date: 05 Jan 2015
Type: security
Affected Mageia releases : 4
CVE: CVE-2014-8136
Description
Updated libvirt packages fix security vulnerability:
The qemuDomainMigratePerform and qemuDomainMigrateFinish2 functions in
qemu/qemu_driver.c in libvirt do not unlock the domain when an ACL check
fails, which allow local users to cause a denial of service via unspecified
vectors (CVE-2014-8136).
References
SRPMS
4/core
- libvirt-1.2.1-1.4.mga4