MGASA-2014-0470

Advisory lineage Upstream: 1 Downstream: 0

Upstream

CVE-2014-7823

Published: 21 Nov 2014, 12:44

Last modified:16 Apr 2026, 06:24

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

21 Nov 2014, 12:44

Published

Vulnerability first disclosed

16 Apr 2026, 06:24

Last Modified

Vulnerability information updated

Description

Updated libvirt packages fix security vulnerability Eric Blake discovered that libvirt incorrectly handled permissions when processing the qemuDomainFormatXML command. An attacker with read-only privileges could possibly use this to gain access to certain information from the domain xml file (CVE-2014-7823).

Affected Systems

mageia•libvirt
< 1.0.2-8.7.mga3
mageia•libvirt
< 1.2.1-1.3.mga4

References (3)

https://advisories.mageia.org/MGASA-2014-0470.html
https://bugs.mageia.org/show_bug.cgi?id=14529
http://www.ubuntu.com/usn/usn-2404-1/