Daniel P. Berrange

**Name of the Vulnerable Software and Affected Versions** spice-gtk (affected versions not specified) **Description** The issue allows remote authenticated users to obtain information from the host clipboard. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** QEMU (affected versions not specified) **Description** The issue is related to the VNC websocket frame decoder in QEMU, which allows remote attackers to cause a denial of service. This can be achieved through a large websocket payload or a large HTTP headers section, resulting in memory and CPU consumption. The vulnerability is associated with resource management errors. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** libvirt versions 1.0.0 through 1.2.x before 1.2.5 **Description** The issue allows local users to read arbitrary files via a crafted XML document containing an XML external entity declaration in conjunction with an entity reference to various API methods, including `virDomainDefineXML`, `virNetworkCreateXML`, `virNetworkDefineXML`, `virStoragePoolCreateXML`, `virStoragePoolDefineXML`, `virStorageVolCreateXML`, `virDomainCreateXML`, `virNodeDeviceCreateXML`, `virInterfaceDefineXML`, `virStorageVolCreateXMLFrom`, `virConnectDomainXMLFromNative`, `virConnectDomainXMLToNative`, `virSecretDefineXML`, `virNWFilterDefineXML`, `virDomainSnapshotCreateXML`, `virDomainSaveImageDefineXML`, `virDomainCreateXMLWithFiles`, `virConnectCompareCPU`, or `virConnectBaselineCPU`. This is related to an XML External Entity (XXE) issue. **Recommendations** For libvirt versions 1.0.0 through 1.2.x before 1.2.5, consider disabling the fine grained access control feature until a patch is available. Restrict access to the API methods listed above to minimize the risk of exploitation. Avoid using crafted XML documents that contain XML external entity declarations.

**Name of the Vulnerable Software and Affected Versions** libvirt versions 0.7.5 through 1.2.x before 1.2.5 **Description** The issue allows local users to cause a denial of service (read block and hang) via a crafted XML document containing an XML external entity declaration in conjunction with an entity reference to the (1) `virConnectCompareCPU` or (2) `virConnectBaselineCPU` API method, related to an XML External Entity (XXE) issue. This may lead to a disruption of confidentiality, integrity, and availability of protected information. **Recommendations** For libvirt versions 0.7.5 through 1.2.x before 1.2.5, consider disabling the `virConnectCompareCPU` and `virConnectBaselineCPU` API methods as a temporary workaround until a patch is available. Restrict access to the API endpoints related to these methods to minimize the risk of exploitation. Avoid using crafted XML documents that contain XML external entity declarations in conjunction with entity references to these API methods until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** libvirt versions 1.1.0 through 1.1.1 **Description** The issue allows local users to cause a denial of service, specifically memory consumption, by providing a large number of domain migrate parameters in certain RPC calls. This is related to the files daemon/remote.c and remote/remote driver.c. **Recommendations** For libvirt versions 1.1.0 and 1.1.1, consider restricting the number of domain migrate parameters allowed in RPC calls as a temporary workaround until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.