MGASA-2020-0283

Advisory lineage Upstream: 1 Downstream: 0

Upstream

CVE-2019-20485

Published: 06 Jul 2020, 20:42

Last modified:16 Apr 2026, 04:25

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

06 Jul 2020, 20:42

Published

Vulnerability first disclosed

16 Apr 2026, 04:25

Last Modified

Vulnerability information updated

Description

Updated libvirt packages fix security vulnerability Updated libvirt packages fix security vulnerability: A flaw was found in the way the libvirtd daemon issued the 'suspend' command to a QEMU guest-agent running inside a guest, where it holds a monitor job while issuing the 'suspend' command to a guest-agent. A malicious guest-agent may use this flaw to block the libvirt daemon indefinitely, resulting in a denial of service (CVE-2019-20485).

Affected Systems

mageia•libvirt
< 5.5.0-1.2.mga7

References (3)

https://advisories.mageia.org/MGASA-2020-0283.html
https://bugs.mageia.org/show_bug.cgi?id=26816
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/D5GE6ISYUL3CIWO3FQRUGMKTKP2NYED2/