{"id":"MGASA-2020-0283","summary":"Updated libvirt packages fix security vulnerability","details":"Updated libvirt packages fix security vulnerability:\n\nA flaw was found in the way the libvirtd daemon issued the 'suspend'\ncommand to a QEMU guest-agent running inside a guest, where it holds\na monitor job while issuing the 'suspend' command to a guest-agent.\nA malicious guest-agent may use this flaw to block the libvirt daemon\nindefinitely, resulting in a denial of service (CVE-2019-20485).\n","modified":"2026-04-16T04:42:18.985460319Z","published":"2020-07-06T20:42:41Z","upstream":["CVE-2019-20485"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2020-0283.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=26816"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/D5GE6ISYUL3CIWO3FQRUGMKTKP2NYED2/"}],"affected":[{"package":{"name":"libvirt","ecosystem":"Mageia:7","purl":"pkg:rpm/mageia/libvirt?arch=source&distro=mageia-7"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.5.0-1.2.mga7"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2020-0283.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}