========================================================================== Ubuntu Security Notice USN-1180-1 July 28, 2011 libvirt vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 11.04 - Ubuntu 10.10 - Ubuntu 10.04 LTS Summary: An authenticated attacker could send crafted input to libvirt and cause it to crash. Software Description: - libvirt: Libvirt virtualization toolkit Details: Eric Blake discovered an integer overflow flaw in libvirt. A remote authenticated attacker could exploit this by sending a crafted VCPU RPC call and cause a denial of service via application crash. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 11.04: libvirt-bin 0.8.8-1ubuntu6.5 Ubuntu 10.10: libvirt-bin 0.8.3-1ubuntu19.1 Ubuntu 10.04 LTS: libvirt-bin 0.7.5-5ubuntu27.16 In general, a standard system update will make all the necessary changes. References: http://www.ubuntu.com/usn/usn-1180-1 CVE-2011-2511 Package Information: https://launchpad.net/ubuntu/+source/libvirt/0.8.8-1ubuntu6.5 https://launchpad.net/ubuntu/+source/libvirt/0.8.3-1ubuntu19.1 https://launchpad.net/ubuntu/+source/libvirt/0.7.5-5ubuntu27.16