libvirt: fix CVE-2025-13193 - linux/meta-virtualization.git - Mirror of git.yoctoproject.org/meta-virtualization

diff options

author	Praveen Kumar <praveen.kumar@windriver.com>	2025-11-27 18:07:34 +0530
committer	Bruce Ashfield <bruce.ashfield@gmail.com>	2025-12-02 00:02:34 -0500
commit	17ac21e7d7f6f40a87618b22278b63bcfa14dbf2 (patch)
tree	96cca3f4d6976c99244361ec7bf67b7589001748 /classes/meta-virt-k8s-cfg.bbclass
parent	389090e499839119d4d9b55a6867663beaac4520 (diff)
download	meta-virtualization-scarthgap.tar.gz

libvirt: fix CVE-2025-13193scarthgap

A flaw was found in libvirt. External inactive snapshots for shut-down VMs are incorrectly created as world-readable, making it possible for unprivileged users to inspect the guest OS contents. This results in an information disclosure vulnerability. Reference: https://nvd.nist.gov/vuln/detail/CVE-2025-13193 Upstream-patch: https://gitlab.com/libvirt/libvirt/-/commit/a379327d8abcde8ac8d3e16fe5e4ba6f790d767a Signed-off-by: Praveen Kumar <praveen.kumar@windriver.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>

Diffstat (limited to 'classes/meta-virt-k8s-cfg.bbclass')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: