What is the vulnerability ID for these libvirt vulnerabilities?

The vulnerability ID for these libvirt vulnerabilities is CVE-2022-0897.

What is the severity of CVE-2022-0897?

The severity of CVE-2022-0897 is not specified in the provided information.

Which version of libvirt is affected by CVE-2022-0897?

The version of libvirt affected by CVE-2022-0897 is not specified in the provided information.

How can I fix the libvirt vulnerabilities?

To fix the libvirt vulnerabilities, update to version 9.0.0-2ubuntu1.1 (for Ubuntu 23.04) or version 8.6.0-0ubuntu3.2 (for Ubuntu 22.10) or version 8.0.0-1ubuntu7.5 (for Ubuntu 22.04).

Where can I find more information about these libvirt vulnerabilities?

You can find more information about these libvirt vulnerabilities on the Ubuntu Security Notices website.

Vulnerability/
USN-6126-1

31/5/2023

USN-6126-1: libvirt vulnerabilities

First published: Wed May 31 2023(Updated: )

It was discovered that libvirt incorrectly handled the nwfilter driver. A local attacker could possibly use this issue to cause libvirt to crash, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS. (CVE-2022-0897) It was discovered that libvirt incorrectly handled queries for the SR-IOV PCI device capabilities. A local attacker could possibly use this issue to cause libvirt to consume resources, leading to a denial of service. (CVE-2023-2700)

Affected Software	Affected Version	How to fix
All of
ubuntu/libvirt-daemon	<9.0.0-2ubuntu1.1	9.0.0-2ubuntu1.1
	=23.04
All of
ubuntu/libvirt-daemon-system	<9.0.0-2ubuntu1.1	9.0.0-2ubuntu1.1
	=23.04
All of
ubuntu/libvirt0	<9.0.0-2ubuntu1.1	9.0.0-2ubuntu1.1
	=23.04
All of
ubuntu/libvirt-daemon	<8.6.0-0ubuntu3.2	8.6.0-0ubuntu3.2
	=22.10
All of
ubuntu/libvirt-daemon-system	<8.6.0-0ubuntu3.2	8.6.0-0ubuntu3.2
	=22.10
All of
ubuntu/libvirt0	<8.6.0-0ubuntu3.2	8.6.0-0ubuntu3.2
	=22.10
All of
ubuntu/libvirt-daemon	<8.0.0-1ubuntu7.5	8.0.0-1ubuntu7.5
	=22.04
All of
ubuntu/libvirt-daemon-system	<8.0.0-1ubuntu7.5	8.0.0-1ubuntu7.5
	=22.04
All of
ubuntu/libvirt0	<8.0.0-1ubuntu7.5	8.0.0-1ubuntu7.5
	=22.04

Never miss a vulnerability like this again

Reference Links

Child vulnerabilities

(Contains the following vulnerabilities)

Frequently Asked Questions

What is the vulnerability ID for these libvirt vulnerabilities?
The vulnerability ID for these libvirt vulnerabilities is CVE-2022-0897.
What is the severity of CVE-2022-0897?
The severity of CVE-2022-0897 is not specified in the provided information.
Which version of libvirt is affected by CVE-2022-0897?
The version of libvirt affected by CVE-2022-0897 is not specified in the provided information.
How can I fix the libvirt vulnerabilities?
To fix the libvirt vulnerabilities, update to version 9.0.0-2ubuntu1.1 (for Ubuntu 23.04) or version 8.6.0-0ubuntu3.2 (for Ubuntu 22.10) or version 8.0.0-1ubuntu7.5 (for Ubuntu 22.04).
Where can I find more information about these libvirt vulnerabilities?
You can find more information about these libvirt vulnerabilities on the Ubuntu Security Notices website.

agent/type
agent/severity
agent/first-publish-date
agent/last-modified-date
agent/softwarecombine
collector/usn
source/Ubuntu
anchor-related/USN-5399-1
agent/software-canonical-lookup
agent/title
agent/event
agent/description
agent/references
agent/tags
agent/trending
package-manager/ubuntu
vendor/ubuntu
canonical/ubuntu ubuntu
version/ubuntu ubuntu/23.04
version/ubuntu ubuntu/22.10
version/ubuntu ubuntu/22.04