Libvirt

This hub aggregates every CVE we track for Libvirt, a product in the operating systems space. Use it to gauge the current risk picture and drill into individual advisories.

Severity distribution

Monthly trend

The 15 most recently published vulnerabilities affecting Libvirt.

• BDU:2026-06224Уязвимость компонента virerror.c библиотеки управления виртуализацией Libvirt, позволяющая нарушителю вызвать отказ в обслуживании5.3May 4, 2026
• BDU:2026-06228Уязвимость компонента virsocketaddr.c библиотеки управления виртуализацией Libvirt, позволяющая нарушителю вызвать отказ в обслуживании7.5May 4, 2026
• CVE-2025-13193Libvirt: information disclosure via world-readable vm snapshots5.5Nov 17, 2025
• CVE-2025-12748Libvirt: denial of service in xml parsing5.5Nov 11, 2025
• CVE-2024-8235Libvirt: crash of virtinterfaced via virconnectlistinterfaces()6.2Aug 30, 2024
• CVE-2024-4418Libvirt: stack use-after-free in virnetclientioeventloop()6.2May 8, 2024
• CVE-2024-2494Libvirt: negative g_new0 length can lead to unbounded memory allocation6.2Mar 21, 2024
• CVE-2024-2496Libvirt: null pointer dereference in udevconnectlistallinterfaces()5.0Mar 18, 2024
• CVE-2024-1441Libvirt: off-by-one error in udevlistinterfacesbystatus()5.5Mar 11, 2024
• CVE-2023-3750Libvirt: improper locking in virstoragepoolobjlistsearch may lead to denial of service6.5Jul 24, 2023
• CVE-2023-2700A vulnerability was found in libvirt. This security flaw ouccers due to repeatedly querying an SR-IOV PCI device's capabilities that exposes a memory leak caused by a failure to free the virPCIVirt...5.5May 15, 2023
• CVE-2021-3975A use-after-free flaw was found in libvirt. The qemuMonitorUnregister() function in qemuProcessHandleMonitorEOF is called using multiple threads without being adequately protected by a monitor lock...6.5Aug 23, 2022
• CVE-2022-0897A flaw was found in the libvirt nwfilter driver. The virNWFilterObjListNumOfNWFilters method failed to acquire the driver->nwfilters mutex before iterating over virNWFilterObj instances. There was ...4.3Mar 25, 2022
• CVE-2021-4147A flaw was found in the libvirt libxl driver. A malicious guest could continuously reboot itself and cause libvirtd on the host to deadlock or crash, resulting in a denial of service condition.6.5Mar 25, 2022
• CVE-2021-3631A flaw was found in libvirt while it generates SELinux MCS category pairs for VMs' dynamic labels. This flaw allows one exploited guest to access files labeled for another guest, resulting in the b...6.3Mar 2, 2022