Please Install the Updated Packages.

Martin Kletzander discovered that libvirt incorrectly handled reading memory tunables from LXC guests. A local user could possibly use this flaw to cause libvirtd to crash, resulting in a denial of service. This issue only affected Ubuntu 13.10. (CVE-2013-6436) Dario Faggioli discovered that libvirt incorrectly handled the libxl driver. A local user could possibly use this flaw to cause libvirtd to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 13.10. (CVE-2013-6457) It was discovered that libvirt contained multiple race conditions in block device handling. A remote read-only user could use this flaw to cause libvirtd to crash, resulting in a denial of service. (CVE-2013-6458) Eric Blake discovered that libvirt incorrectly handled certain ACLs. An attacker could use this flaw to possibly obtain certain sensitive information. This issue only affected Ubuntu 13.10. (CVE-2014-0028) Jiri Denemark discovered that libvirt incorrectly handled keepalives. A remote attacker could possibly use this flaw to cause libvirtd to crash, resulting in a denial of service. (CVE-2014-1447)

libvirt on Ubuntu 13.10 , Ubuntu 12.10 , Ubuntu 12.04 LTS

• https://lists.ubuntu.com/archives/ubuntu-security-announce/2014-January/002384.html

---

Updated on 2015-03-25