Not a user yet?
Log in Register for free Suggest a product
Update

USN-8172-1: kvmtool vulnerabilities

Ubuntu DesktopUbuntu Desktop
Canonical

USN-8172-1: kvmtool vulnerabilities

Publication date: 13 April 2026
Overview: Several security issues were fixed in kvmtool.

Packages
kvmtool - Native Linux KVM tool

Details
It was discovered that kvmtool did not properly manage memory under certain
circumstances. A malicious guest attacker could use this issue to cause
kvmtool to crash, leading to a denial of service, or possibly execute
arbitrary code on the host system. (CVE-2021-45464)

It was discovered that kvmtool incorrectly handled the 9p passthrough file
system. A malicious guest attacker could possibly use this issue to open
special files, escape the exported 9p tree, and execute arbitrary code on
the host system. (CVE-2023-2861)

Update instructions
In general, a standard system update will make all the necessary changes.

The problem can be corrected by updating your system to the following package versions:

  • 22.04 LTS jammy kvmtool – 0.20170904-1.1ubuntu0.1~esm2
  • 20.04 LTS focal kvmtool – 0.20170904-1ubuntu0.20.04.1~esm1
  • 18.04 LTS bionic kvmtool – 0.20170904-1ubuntu0.18.04.1~esm1
  • 16.04 LTS xenial kvmtool – 0.20151104-1ubuntu0.1~esm1
More updatesTo the product
The manufacturer Canonical has not yet set up its devicebase profile. Content such as updates, compatibilities and support may only be maintained with a delay.
Receive Important Update Messages Stay tuned for upcoming Canonical updates

More from the Operating Systems section

Was the content helpful to you?

Advertisement Advertise here?
Udemy IT certification ad