← Back to CVE List

CVE-2020-25637

Published: 2020-10-06T14:15Z
Last Modified: 2024-11-21T05:18Z
Source: MITRE CVE List
License: MITRE-CVE-TOS
A double free memory issue was found to occur in the libvirt API, in versions before 6.8.0, responsible for requesting information about network interfaces of a running QEMU domain. This flaw affects the polkit access control driver. Specifically, clients connecting to the read-write socket with limited ACL permissions could use this flaw to crash the libvirt daemon, resulting in a denial of service, or potentially escalate their privileges on the system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt