VDB

DEBIAN-CVE-2014-0028

DEBIAN-CVE-2014-0028 PUBLISHED

libvirt 1.1.1 through 1.2.0 allows context-dependent attackers to bypass the domain:getattr and connect:search_domains restrictions in ACLs and obtain sensitive domain object information via a request to the (1) virConnectDomainEventRegister and (2) virConnectDomainEventRegisterAny functions in the event registration API.

Affected Products

VendorProductVersions
Debian:12libvirt0, 0, 0
Debian:13libvirt0, 0, 0
Debian:11libvirt0, 0, 0
Debian:14libvirt0, 0, 0

Timeline

  • Jan 24, 2014 CVE Published
  • Apr 28, 2026 CVE Updated

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›