Security update for libvirt SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2026:0375-1 Final 1 1 2026-02-04T07:37:40Z current 2026-02-04T07:37:40Z 2026-02-04T07:37:40Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for libvirt This update for libvirt fixes the following issues: Security fixes: - CVE-2025-13193: Fixed umask for 'qemu-img' when creating external inactive snapshots (bsc#1253703) - CVE-2025-12748: Fixed check ACLs before parsing the whole domain XML (bsc#1253278) Other fixes: - libvirt-supportconfig: Add support for supportconfig.rc (bsc#1251822) The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). SUSE-2026-375,SUSE-SLE-Micro-5.3-2026-375,SUSE-SLE-Micro-5.4-2026-375 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2026/suse-su-20260375-1/ Link for SUSE-SU-2026:0375-1 https://lists.suse.com/pipermail/sle-security-updates/2026-February/024045.html E-Mail link for SUSE-SU-2026:0375-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1251822 SUSE Bug 1251822 https://bugzilla.suse.com/1253278 SUSE Bug 1253278 https://bugzilla.suse.com/1253703 SUSE Bug 1253703 https://www.suse.com/security/cve/CVE-2025-12748/ SUSE CVE CVE-2025-12748 page https://www.suse.com/security/cve/CVE-2025-13193/ SUSE CVE CVE-2025-13193 page SUSE Linux Enterprise Micro 5.3 SUSE Linux Enterprise Micro 5.4 libvirt-8.0.0-150400.7.14.1 libvirt-client-8.0.0-150400.7.14.1 libvirt-daemon-8.0.0-150400.7.14.1 libvirt-daemon-config-network-8.0.0-150400.7.14.1 libvirt-daemon-config-nwfilter-8.0.0-150400.7.14.1 libvirt-daemon-driver-interface-8.0.0-150400.7.14.1 libvirt-daemon-driver-libxl-8.0.0-150400.7.14.1 libvirt-daemon-driver-lxc-8.0.0-150400.7.14.1 libvirt-daemon-driver-network-8.0.0-150400.7.14.1 libvirt-daemon-driver-nodedev-8.0.0-150400.7.14.1 libvirt-daemon-driver-nwfilter-8.0.0-150400.7.14.1 libvirt-daemon-driver-qemu-8.0.0-150400.7.14.1 libvirt-daemon-driver-secret-8.0.0-150400.7.14.1 libvirt-daemon-driver-storage-8.0.0-150400.7.14.1 libvirt-daemon-driver-storage-core-8.0.0-150400.7.14.1 libvirt-daemon-driver-storage-disk-8.0.0-150400.7.14.1 libvirt-daemon-driver-storage-gluster-8.0.0-150400.7.14.1 libvirt-daemon-driver-storage-iscsi-8.0.0-150400.7.14.1 libvirt-daemon-driver-storage-iscsi-direct-8.0.0-150400.7.14.1 libvirt-daemon-driver-storage-logical-8.0.0-150400.7.14.1 libvirt-daemon-driver-storage-mpath-8.0.0-150400.7.14.1 libvirt-daemon-driver-storage-rbd-8.0.0-150400.7.14.1 libvirt-daemon-driver-storage-scsi-8.0.0-150400.7.14.1 libvirt-daemon-hooks-8.0.0-150400.7.14.1 libvirt-daemon-lxc-8.0.0-150400.7.14.1 libvirt-daemon-qemu-8.0.0-150400.7.14.1 libvirt-daemon-xen-8.0.0-150400.7.14.1 libvirt-devel-8.0.0-150400.7.14.1 libvirt-devel-32bit-8.0.0-150400.7.14.1 libvirt-devel-64bit-8.0.0-150400.7.14.1 libvirt-doc-8.0.0-150400.7.14.1 libvirt-libs-8.0.0-150400.7.14.1 libvirt-lock-sanlock-8.0.0-150400.7.14.1 libvirt-nss-8.0.0-150400.7.14.1 wireshark-plugin-libvirt-8.0.0-150400.7.14.1 libvirt-client-8.0.0-150400.7.14.1 as a component of SUSE Linux Enterprise Micro 5.3 libvirt-daemon-8.0.0-150400.7.14.1 as a component of SUSE Linux Enterprise Micro 5.3 libvirt-daemon-driver-interface-8.0.0-150400.7.14.1 as a component of SUSE Linux Enterprise Micro 5.3 libvirt-daemon-driver-network-8.0.0-150400.7.14.1 as a component of SUSE Linux Enterprise Micro 5.3 libvirt-daemon-driver-nodedev-8.0.0-150400.7.14.1 as a component of SUSE Linux Enterprise Micro 5.3 libvirt-daemon-driver-nwfilter-8.0.0-150400.7.14.1 as a component of SUSE Linux Enterprise Micro 5.3 libvirt-daemon-driver-qemu-8.0.0-150400.7.14.1 as a component of SUSE Linux Enterprise Micro 5.3 libvirt-daemon-driver-secret-8.0.0-150400.7.14.1 as a component of SUSE Linux Enterprise Micro 5.3 libvirt-daemon-driver-storage-8.0.0-150400.7.14.1 as a component of SUSE Linux Enterprise Micro 5.3 libvirt-daemon-driver-storage-core-8.0.0-150400.7.14.1 as a component of SUSE Linux Enterprise Micro 5.3 libvirt-daemon-driver-storage-disk-8.0.0-150400.7.14.1 as a component of SUSE Linux Enterprise Micro 5.3 libvirt-daemon-driver-storage-iscsi-8.0.0-150400.7.14.1 as a component of SUSE Linux Enterprise Micro 5.3 libvirt-daemon-driver-storage-iscsi-direct-8.0.0-150400.7.14.1 as a component of SUSE Linux Enterprise Micro 5.3 libvirt-daemon-driver-storage-logical-8.0.0-150400.7.14.1 as a component of SUSE Linux Enterprise Micro 5.3 libvirt-daemon-driver-storage-mpath-8.0.0-150400.7.14.1 as a component of SUSE Linux Enterprise Micro 5.3 libvirt-daemon-driver-storage-rbd-8.0.0-150400.7.14.1 as a component of SUSE Linux Enterprise Micro 5.3 libvirt-daemon-driver-storage-scsi-8.0.0-150400.7.14.1 as a component of SUSE Linux Enterprise Micro 5.3 libvirt-daemon-qemu-8.0.0-150400.7.14.1 as a component of SUSE Linux Enterprise Micro 5.3 libvirt-libs-8.0.0-150400.7.14.1 as a component of SUSE Linux Enterprise Micro 5.3 libvirt-client-8.0.0-150400.7.14.1 as a component of SUSE Linux Enterprise Micro 5.4 libvirt-daemon-8.0.0-150400.7.14.1 as a component of SUSE Linux Enterprise Micro 5.4 libvirt-daemon-driver-interface-8.0.0-150400.7.14.1 as a component of SUSE Linux Enterprise Micro 5.4 libvirt-daemon-driver-network-8.0.0-150400.7.14.1 as a component of SUSE Linux Enterprise Micro 5.4 libvirt-daemon-driver-nodedev-8.0.0-150400.7.14.1 as a component of SUSE Linux Enterprise Micro 5.4 libvirt-daemon-driver-nwfilter-8.0.0-150400.7.14.1 as a component of SUSE Linux Enterprise Micro 5.4 libvirt-daemon-driver-qemu-8.0.0-150400.7.14.1 as a component of SUSE Linux Enterprise Micro 5.4 libvirt-daemon-driver-secret-8.0.0-150400.7.14.1 as a component of SUSE Linux Enterprise Micro 5.4 libvirt-daemon-driver-storage-8.0.0-150400.7.14.1 as a component of SUSE Linux Enterprise Micro 5.4 libvirt-daemon-driver-storage-core-8.0.0-150400.7.14.1 as a component of SUSE Linux Enterprise Micro 5.4 libvirt-daemon-driver-storage-disk-8.0.0-150400.7.14.1 as a component of SUSE Linux Enterprise Micro 5.4 libvirt-daemon-driver-storage-iscsi-8.0.0-150400.7.14.1 as a component of SUSE Linux Enterprise Micro 5.4 libvirt-daemon-driver-storage-iscsi-direct-8.0.0-150400.7.14.1 as a component of SUSE Linux Enterprise Micro 5.4 libvirt-daemon-driver-storage-logical-8.0.0-150400.7.14.1 as a component of SUSE Linux Enterprise Micro 5.4 libvirt-daemon-driver-storage-mpath-8.0.0-150400.7.14.1 as a component of SUSE Linux Enterprise Micro 5.4 libvirt-daemon-driver-storage-rbd-8.0.0-150400.7.14.1 as a component of SUSE Linux Enterprise Micro 5.4 libvirt-daemon-driver-storage-scsi-8.0.0-150400.7.14.1 as a component of SUSE Linux Enterprise Micro 5.4 libvirt-daemon-qemu-8.0.0-150400.7.14.1 as a component of SUSE Linux Enterprise Micro 5.4 libvirt-libs-8.0.0-150400.7.14.1 as a component of SUSE Linux Enterprise Micro 5.4 A flaw was discovered in libvirt in the XML file processing. More specifically, the parsing of user provided XML files was performed before the ACL checks. A malicious user with limited permissions could exploit this flaw by submitting a specially crafted XML file, causing libvirt to allocate too much memory on the host. The excessive memory consumption could lead to a libvirt process crash on the host, resulting in a denial-of-service condition. CVE-2025-12748 SUSE Linux Enterprise Micro 5.3:libvirt-client-8.0.0-150400.7.14.1 SUSE Linux Enterprise Micro 5.3:libvirt-daemon-8.0.0-150400.7.14.1 SUSE Linux Enterprise Micro 5.3:libvirt-daemon-driver-interface-8.0.0-150400.7.14.1 SUSE Linux Enterprise Micro 5.3:libvirt-daemon-driver-network-8.0.0-150400.7.14.1 SUSE Linux Enterprise Micro 5.3:libvirt-daemon-driver-nodedev-8.0.0-150400.7.14.1 SUSE Linux Enterprise Micro 5.3:libvirt-daemon-driver-nwfilter-8.0.0-150400.7.14.1 SUSE Linux Enterprise Micro 5.3:libvirt-daemon-driver-qemu-8.0.0-150400.7.14.1 SUSE Linux Enterprise Micro 5.3:libvirt-daemon-driver-secret-8.0.0-150400.7.14.1 SUSE Linux Enterprise Micro 5.3:libvirt-daemon-driver-storage-8.0.0-150400.7.14.1 SUSE Linux Enterprise Micro 5.3:libvirt-daemon-driver-storage-core-8.0.0-150400.7.14.1 SUSE Linux Enterprise Micro 5.3:libvirt-daemon-driver-storage-disk-8.0.0-150400.7.14.1 SUSE Linux Enterprise Micro 5.3:libvirt-daemon-driver-storage-iscsi-8.0.0-150400.7.14.1 SUSE Linux Enterprise Micro 5.3:libvirt-daemon-driver-storage-iscsi-direct-8.0.0-150400.7.14.1 SUSE Linux Enterprise Micro 5.3:libvirt-daemon-driver-storage-logical-8.0.0-150400.7.14.1 SUSE Linux Enterprise Micro 5.3:libvirt-daemon-driver-storage-mpath-8.0.0-150400.7.14.1 SUSE Linux Enterprise Micro 5.3:libvirt-daemon-driver-storage-rbd-8.0.0-150400.7.14.1 SUSE Linux Enterprise Micro 5.3:libvirt-daemon-driver-storage-scsi-8.0.0-150400.7.14.1 SUSE Linux Enterprise Micro 5.3:libvirt-daemon-qemu-8.0.0-150400.7.14.1 SUSE Linux Enterprise Micro 5.3:libvirt-libs-8.0.0-150400.7.14.1 SUSE Linux Enterprise Micro 5.4:libvirt-client-8.0.0-150400.7.14.1 SUSE Linux Enterprise Micro 5.4:libvirt-daemon-8.0.0-150400.7.14.1 SUSE Linux Enterprise Micro 5.4:libvirt-daemon-driver-interface-8.0.0-150400.7.14.1 SUSE Linux Enterprise Micro 5.4:libvirt-daemon-driver-network-8.0.0-150400.7.14.1 SUSE Linux Enterprise Micro 5.4:libvirt-daemon-driver-nodedev-8.0.0-150400.7.14.1 SUSE Linux Enterprise Micro 5.4:libvirt-daemon-driver-nwfilter-8.0.0-150400.7.14.1 SUSE Linux Enterprise Micro 5.4:libvirt-daemon-driver-qemu-8.0.0-150400.7.14.1 SUSE Linux Enterprise Micro 5.4:libvirt-daemon-driver-secret-8.0.0-150400.7.14.1 SUSE Linux Enterprise Micro 5.4:libvirt-daemon-driver-storage-8.0.0-150400.7.14.1 SUSE Linux Enterprise Micro 5.4:libvirt-daemon-driver-storage-core-8.0.0-150400.7.14.1 SUSE Linux Enterprise Micro 5.4:libvirt-daemon-driver-storage-disk-8.0.0-150400.7.14.1 SUSE Linux Enterprise Micro 5.4:libvirt-daemon-driver-storage-iscsi-8.0.0-150400.7.14.1 SUSE Linux Enterprise Micro 5.4:libvirt-daemon-driver-storage-iscsi-direct-8.0.0-150400.7.14.1 SUSE Linux Enterprise Micro 5.4:libvirt-daemon-driver-storage-logical-8.0.0-150400.7.14.1 SUSE Linux Enterprise Micro 5.4:libvirt-daemon-driver-storage-mpath-8.0.0-150400.7.14.1 SUSE Linux Enterprise Micro 5.4:libvirt-daemon-driver-storage-rbd-8.0.0-150400.7.14.1 SUSE Linux Enterprise Micro 5.4:libvirt-daemon-driver-storage-scsi-8.0.0-150400.7.14.1 SUSE Linux Enterprise Micro 5.4:libvirt-daemon-qemu-8.0.0-150400.7.14.1 SUSE Linux Enterprise Micro 5.4:libvirt-libs-8.0.0-150400.7.14.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2026/suse-su-20260375-1/ https://www.suse.com/security/cve/CVE-2025-12748.html CVE-2025-12748 https://bugzilla.suse.com/1253277 SUSE Bug 1253277 A flaw was found in libvirt. External inactive snapshots for shut-down VMs are incorrectly created as world-readable, making it possible for unprivileged users to inspect the guest OS contents. This results in an information disclosure vulnerability. CVE-2025-13193 SUSE Linux Enterprise Micro 5.3:libvirt-client-8.0.0-150400.7.14.1 SUSE Linux Enterprise Micro 5.3:libvirt-daemon-8.0.0-150400.7.14.1 SUSE Linux Enterprise Micro 5.3:libvirt-daemon-driver-interface-8.0.0-150400.7.14.1 SUSE Linux Enterprise Micro 5.3:libvirt-daemon-driver-network-8.0.0-150400.7.14.1 SUSE Linux Enterprise Micro 5.3:libvirt-daemon-driver-nodedev-8.0.0-150400.7.14.1 SUSE Linux Enterprise Micro 5.3:libvirt-daemon-driver-nwfilter-8.0.0-150400.7.14.1 SUSE Linux Enterprise Micro 5.3:libvirt-daemon-driver-qemu-8.0.0-150400.7.14.1 SUSE Linux Enterprise Micro 5.3:libvirt-daemon-driver-secret-8.0.0-150400.7.14.1 SUSE Linux Enterprise Micro 5.3:libvirt-daemon-driver-storage-8.0.0-150400.7.14.1 SUSE Linux Enterprise Micro 5.3:libvirt-daemon-driver-storage-core-8.0.0-150400.7.14.1 SUSE Linux Enterprise Micro 5.3:libvirt-daemon-driver-storage-disk-8.0.0-150400.7.14.1 SUSE Linux Enterprise Micro 5.3:libvirt-daemon-driver-storage-iscsi-8.0.0-150400.7.14.1 SUSE Linux Enterprise Micro 5.3:libvirt-daemon-driver-storage-iscsi-direct-8.0.0-150400.7.14.1 SUSE Linux Enterprise Micro 5.3:libvirt-daemon-driver-storage-logical-8.0.0-150400.7.14.1 SUSE Linux Enterprise Micro 5.3:libvirt-daemon-driver-storage-mpath-8.0.0-150400.7.14.1 SUSE Linux Enterprise Micro 5.3:libvirt-daemon-driver-storage-rbd-8.0.0-150400.7.14.1 SUSE Linux Enterprise Micro 5.3:libvirt-daemon-driver-storage-scsi-8.0.0-150400.7.14.1 SUSE Linux Enterprise Micro 5.3:libvirt-daemon-qemu-8.0.0-150400.7.14.1 SUSE Linux Enterprise Micro 5.3:libvirt-libs-8.0.0-150400.7.14.1 SUSE Linux Enterprise Micro 5.4:libvirt-client-8.0.0-150400.7.14.1 SUSE Linux Enterprise Micro 5.4:libvirt-daemon-8.0.0-150400.7.14.1 SUSE Linux Enterprise Micro 5.4:libvirt-daemon-driver-interface-8.0.0-150400.7.14.1 SUSE Linux Enterprise Micro 5.4:libvirt-daemon-driver-network-8.0.0-150400.7.14.1 SUSE Linux Enterprise Micro 5.4:libvirt-daemon-driver-nodedev-8.0.0-150400.7.14.1 SUSE Linux Enterprise Micro 5.4:libvirt-daemon-driver-nwfilter-8.0.0-150400.7.14.1 SUSE Linux Enterprise Micro 5.4:libvirt-daemon-driver-qemu-8.0.0-150400.7.14.1 SUSE Linux Enterprise Micro 5.4:libvirt-daemon-driver-secret-8.0.0-150400.7.14.1 SUSE Linux Enterprise Micro 5.4:libvirt-daemon-driver-storage-8.0.0-150400.7.14.1 SUSE Linux Enterprise Micro 5.4:libvirt-daemon-driver-storage-core-8.0.0-150400.7.14.1 SUSE Linux Enterprise Micro 5.4:libvirt-daemon-driver-storage-disk-8.0.0-150400.7.14.1 SUSE Linux Enterprise Micro 5.4:libvirt-daemon-driver-storage-iscsi-8.0.0-150400.7.14.1 SUSE Linux Enterprise Micro 5.4:libvirt-daemon-driver-storage-iscsi-direct-8.0.0-150400.7.14.1 SUSE Linux Enterprise Micro 5.4:libvirt-daemon-driver-storage-logical-8.0.0-150400.7.14.1 SUSE Linux Enterprise Micro 5.4:libvirt-daemon-driver-storage-mpath-8.0.0-150400.7.14.1 SUSE Linux Enterprise Micro 5.4:libvirt-daemon-driver-storage-rbd-8.0.0-150400.7.14.1 SUSE Linux Enterprise Micro 5.4:libvirt-daemon-driver-storage-scsi-8.0.0-150400.7.14.1 SUSE Linux Enterprise Micro 5.4:libvirt-daemon-qemu-8.0.0-150400.7.14.1 SUSE Linux Enterprise Micro 5.4:libvirt-libs-8.0.0-150400.7.14.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2026/suse-su-20260375-1/ https://www.suse.com/security/cve/CVE-2025-13193.html CVE-2025-13193 https://bugzilla.suse.com/1253703 SUSE Bug 1253703