Page 4 of 73 results (0.010 seconds)

CVSS: 8.8EPSS: 0%CPEs: 14EXPL: 0

The virConnectGetDomainCapabilities() libvirt API, versions 4.x.x before 4.10.1 and 5.x.x before 5.4.1, accepts an "emulatorbin" argument to specify the program providing emulation for a domain. Since v1.2.19, libvirt will execute that program to probe the domain's capabilities. Read-only clients could specify an arbitrary path for this argument, causing libvirtd to execute a crafted executable with its own privileges. La API libvirt de la función virConnectGetDomainCapabilities(), versiones 4.x.x anteriores a 4.10.1 y versiones 5.x.x anteriores a 5.4.1, acepta un argumento "emulatorbin" para especificar el programa que proporciona emulación para un dominio. Desde versión v1.2.19, libvirt ejecutará ese programa para examinar las capacidades del dominio. • https://access.redhat.com/libvirt-privesc-vulnerabilities https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10167 https://security.gentoo.org/glsa/202003-18 https://access.redhat.com/security/cve/CVE-2019-10167 https://bugzilla.redhat.com/show_bug.cgi?id=1720117 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-250: Execution with Unnecessary Privileges CWE-284: Improper Access Control CWE-862: Missing Authorization •

CVSS: 8.8EPSS: 0%CPEs: 9EXPL: 0

It was discovered that libvirtd before versions 4.10.1 and 5.4.1 would permit read-only clients to use the virDomainSaveImageGetXMLDesc() API, specifying an arbitrary path which would be accessed with the permissions of the libvirtd process. An attacker with access to the libvirtd socket could use this to probe the existence of arbitrary files, cause denial of service or cause libvirtd to execute arbitrary programs. Se detectó que libvirtd anterior a versiones 4.10.1 y 5.4.1, permitiría a clientes de solo lectura usar la API de la función virDomainSaveImageGetXMLDesc(), especificando una ruta (path) arbitraria a la que se accedería con los permisos del proceso libvirtd. Un atacante con acceso al socket libvirtd podría usar esto para probar la existencia de archivos arbitrarios, causar una denegación de servicio o causar que libvirtd ejecute programas arbitrarios. It was discovered that libvirtd would permit read-only clients to use the virDomainSaveImageGetXMLDesc() API, specifying an arbitrary path which would be accessed with the permissions of the libvirtd process. • https://access.redhat.com/libvirt-privesc-vulnerabilities https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10161 https://libvirt.org/git/?p=libvirt.git%3Ba=commit%3Bh=aed6a032cead4386472afb24b16196579e239580 https://security.gentoo.org/glsa/202003-18 https://usn.ubuntu.com/4047-2 https://access.redhat.com/security/cve/CVE-2019-10161 https://bugzilla.redhat.com/show_bug.cgi?id=1720115 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-284: Improper Access Control CWE-862: Missing Authorization •

CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0

A vulnerability was found in libvirt >= 4.1.0 in the virtlockd-admin.socket and virtlogd-admin.socket systemd units. A missing SocketMode configuration parameter allows any user on the host to connect using virtlockd-admin-sock or virtlogd-admin-sock and perform administrative tasks against the virtlockd and virtlogd daemons. Se encontró una vulnerabilidad en libvirt > = 4.1.0 en las unidades virtlockd-admin. Socket y virtlogd-admin. Socket systemd. • https://access.redhat.com/errata/RHSA-2019:1264 https://access.redhat.com/errata/RHSA-2019:1268 https://access.redhat.com/errata/RHSA-2019:1455 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10132 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5RANC4LWZQRVJGJHVWCU6R4CCXQMDD4L https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CYMNKXAUBZCFBBPFH64FJPH5EJH4GSU2 https://security.libvirt.org/2019/0003.html https://usn.ub • CWE-264: Permissions, Privileges, and Access Controls CWE-732: Incorrect Permission Assignment for Critical Resource •

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0

libvirt-domain.c in libvirt before 1.3.1 supports virDomainGetTime API calls by guest agents with an RO connection, even though an RW connection was supposed to be required, a different vulnerability than CVE-2019-3886. libvirt-domain.c en libvirt versiones anteriores a la 1.3.1 soporta las llamadas a la API virDomainGetTime por agentes invitados con una conexión RO, aunque se suponía que se requería una conexión RW, es una vulnerabilidad diferente de CVE-2019-3886. • https://github.com/libvirt/libvirt/commit/506e9d6c2d4baaf580d489fff0690c0ff2ff588f https://github.com/libvirt/libvirt/compare/11288f5...8fd6867 https://lists.debian.org/debian-lts-announce/2019/04/msg00032.html • CWE-254: 7PK - Security Features •

CVSS: 5.4EPSS: 0%CPEs: 4EXPL: 1

An incorrect permissions check was discovered in libvirt 4.8.0 and above. The readonly permission was allowed to invoke APIs depending on the guest agent, which could lead to potentially disclosing unintended information or denial of service by causing libvirt to block. Se ha descubierto una comprobación de permisos incorrecta en versiones de libvirt 4.8.0 y superiores. Se ha permitido que el permiso de solo lectura invoque API dependiendo del agente invitado, lo que podría conducir a una potencial divulgación de información no intencionada o una denegación de servicio (DoS) provocando un bloqueo de libvirt. • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00105.html http://www.securityfocus.com/bid/107777 https://access.redhat.com/errata/RHBA-2019:3723 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3886 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CYMNKXAUBZCFBBPFH64FJPH5EJH4GSU2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R5DHYIFECZ7BMVXK4EP4FDFZXK7I5MZH https://usn.ubuntu.com/4021-1 • CWE-862: Missing Authorization •