Описание
Virt-install(1) utility used to provision new virtual machines has introduced an option '--unattended' to create VMs without user interaction. This option accepts guest VM password as command line arguments, thus leaking them to others users on the system via process listing. It was introduced recently in the virt-manager v2.2.0 release.
Virt-install(1) utility used to provision new virtual machines has introduced an option '--unattended' to create VMs without user interaction. This option accepts guest VM password as command line arguments, thus leaking them to others users on the system via process listing. It was introduced recently in the virt-manager v2.2.0 release.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2019-10183
- https://access.redhat.com/errata/RHSA-2019:3464
- https://access.redhat.com/security/cve/CVE-2019-10183
- https://bugzilla.redhat.com/show_bug.cgi?id=1726232
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10183
- https://virt-manager.org/download
- https://www.openwall.com/lists/oss-security/2019/07/03/1
- http://www.securityfocus.com/bid/109027
Связанные уязвимости
Virt-install(1) utility used to provision new virtual machines has introduced an option '--unattended' to create VMs without user interaction. This option accepts guest VM password as command line arguments, thus leaking them to others users on the system via process listing. It was introduced recently in the virt-manager v2.2.0 release.
Virt-install(1) utility used to provision new virtual machines has introduced an option '--unattended' to create VMs without user interaction. This option accepts guest VM password as command line arguments, thus leaking them to others users on the system via process listing. It was introduced recently in the virt-manager v2.2.0 release.
Virt-install(1) utility used to provision new virtual machines has introduced an option '--unattended' to create VMs without user interaction. This option accepts guest VM password as command line arguments, thus leaking them to others users on the system via process listing. It was introduced recently in the virt-manager v2.2.0 release.
Virt-install(1) utility used to provision new virtual machines has int ...
ELSA-2019-3464: virt-manager security, bug fix, and enhancement update (LOW)