Vdsm Ovirt Vdsm

Do you want an email whenever new security vulnerabilities are reported in Ovirt Vdsm?

By the Year

In 2022 there have been 0 vulnerabilities in Ovirt Vdsm . Vdsm did not have any published security vulnerabilities last year.

Year Vulnerabilities Average Score
2022 0 0.00
2021 0 0.00
2020 0 0.00
2019 1 7.20
2018 1 6.30

It may take a day or so for new Vdsm vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Ovirt Vdsm Security Vulnerabilities

A vulnerability was discovered in vdsm, version 4.19 through 4.30.3 and 4.30.5 through 4.30.8

CVE-2019-3831 7.2 - High - March 25, 2019

A vulnerability was discovered in vdsm, version 4.19 through 4.30.3 and 4.30.5 through 4.30.8. The systemd_run function exposed to the vdsm system user could be abused to execute arbitrary commands as root.

Command Injection

It was found that vdsm before version 4.20.37 invokes qemu-img on untrusted inputs without limiting resources

CVE-2018-10908 6.3 - Medium - August 09, 2018

It was found that vdsm before version 4.20.37 invokes qemu-img on untrusted inputs without limiting resources. By uploading a specially crafted image, an attacker could cause the qemu-img process to consume unbounded amounts of memory of CPU time, causing a denial of service condition that could potentially impact other users of the host.

Allocation of Resources Without Limits or Throttling

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Red Hat Virtualization or by Ovirt? Click the Watch button to subscribe.

Ovirt
Vendor

Ovirt Vdsm
Product

subscribe