Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2019-10167

Опубликовано: 02 авг. 2019
Источник: nvd
CVSS3: 8.8
CVSS3: 7.8
CVSS2: 4.6
EPSS Низкий

Описание

The virConnectGetDomainCapabilities() libvirt API, versions 4.x.x before 4.10.1 and 5.x.x before 5.4.1, accepts an "emulatorbin" argument to specify the program providing emulation for a domain. Since v1.2.19, libvirt will execute that program to probe the domain's capabilities. Read-only clients could specify an arbitrary path for this argument, causing libvirtd to execute a crafted executable with its own privileges.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:redhat:libvirt:*:*:*:*:*:*:*:*
Версия от 4.0.0 (включая) до 4.10.1 (исключая)
cpe:2.3:a:redhat:libvirt:*:*:*:*:*:*:*:*
Версия от 5.0.0 (включая) до 5.4.1 (исключая)
Конфигурация 2

Одно из

cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:virtualization:4.3:*:*:*:*:*:*:*

EPSS

Процентиль: 14%
0.00046
Низкий

8.8 High

CVSS3

7.8 High

CVSS3

4.6 Medium

CVSS2

Дефекты

CWE-250
CWE-22

Связанные уязвимости

ubuntu логотип

CVE-2019-10167

CVSS3: 7.8
ubuntu
почти 6 лет назад

The virConnectGetDomainCapabilities() libvirt API, versions 4.x.x before 4.10.1 and 5.x.x before 5.4.1, accepts an "emulatorbin" argument to specify the program providing emulation for a domain. Since v1.2.19, libvirt will execute that program to probe the domain's capabilities. Read-only clients could specify an arbitrary path for this argument, causing libvirtd to execute a crafted executable with its own privileges.

redhat логотип

CVE-2019-10167

CVSS3: 8.8
redhat
около 6 лет назад

The virConnectGetDomainCapabilities() libvirt API, versions 4.x.x before 4.10.1 and 5.x.x before 5.4.1, accepts an "emulatorbin" argument to specify the program providing emulation for a domain. Since v1.2.19, libvirt will execute that program to probe the domain's capabilities. Read-only clients could specify an arbitrary path for this argument, causing libvirtd to execute a crafted executable with its own privileges.

debian логотип

CVE-2019-10167

CVSS3: 7.8
debian
почти 6 лет назад

The virConnectGetDomainCapabilities() libvirt API, versions 4.x.x befo ...

github логотип

GHSA-5p5j-3wqp-w634

CVSS3: 7.8
github
около 3 лет назад

The virConnectGetDomainCapabilities() libvirt API, versions 4.x.x before 4.10.1 and 5.x.x before 5.4.1, accepts an "emulatorbin" argument to specify the program providing emulation for a domain. Since v1.2.19, libvirt will execute that program to probe the domain's capabilities. Read-only clients could specify an arbitrary path for this argument, causing libvirtd to execute a crafted executable with its own privileges.

fstec логотип

BDU:2019-02853

CVSS3: 4.9
fstec
почти 6 лет назад

Уязвимость функции virConnectGetDomainCapabilities() библиотеки управления виртуализацией Libvirt, позволяющая нарушителю выполнить произвольный код или повысить свои привилегии

EPSS

Процентиль: 14%
0.00046
Низкий

8.8 High

CVSS3

7.8 High

CVSS3

4.6 Medium

CVSS2

Дефекты

CWE-250
CWE-22