VDB

GCVE-VVD-MAGEIA-2020-473

GCVE-VVD-MAGEIA-2020-473
Advisory Published
Vulnetix · Advisory published December 29, 2020
A double free memory issue was found to occur in the libvirt API responsible for requesting information about network interfaces of a running QEMU domain. This flaw affects the polkit access control driver. Specifically, clients connecting to the read-write socket with limited ACL permissions could use this flaw to crash the libvirt daemon, resulting in a denial of service, or potentially escalate their privileges on the system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability (CVE-2020-25637).
Download JSON Open in Console

Affected Products

VendorProductVersionsPlatforms
Mageialibvirt0 (affected), 5.5.0-1.3.mga7 (unaffected)

References

Updated libvirt packages fix security vulnerability
advisory
Updated libvirt packages fix security vulnerability
issue
Updated libvirt packages fix security vulnerability
issue
Updated libvirt packages fix security vulnerability
advisory

Browse GCVE Records

100 records in the GCVE database · Updated April 16, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

Open in Console Download JSON
$ Console Community · 100/wk Open console ›