
CVE-2020-15708

Published: 04 Aug 2020
Source: redhat
CVSS3: 7.8
EPSS: Low

Description

Ubuntu's packaging of libvirt in 20.04 LTS created a control socket with world read and write permissions. An attacker could use this to overwrite arbitrary files or execute arbitrary code.

A flaw was found in libvirt, where an incorrect permissions issue occurs on the UNIX domain socket. This flaw allows a local attacker to access libvirt and escalate their privileges. The highest threat from this vulnerability is to confidentiality, integrity, and system availability.

Report

This is an Ubuntu specific flaw. The versions of libvirt as shipped with Red Hat Enterprise Linux and RHEL Advanced Virtualization are not affected by this issue, as they leverage polkit for authentication. More specifically, the socket permission is 0666, and when an unprivileged user connects, polkit will validate the client and require them to provide the root password before libvirt allows any RPC calls to be performed.

Affected packages

| Platform | Package | State | Recommendation | Release |
| --- | --- | --- | --- | --- |
| Red Hat Enterprise Linux 5 | libvirt | Not affected | | |
| Red Hat Enterprise Linux 6 | libvirt | Not affected | | |
| Red Hat Enterprise Linux 7 | libvirt | Not affected | | |
| Red Hat Enterprise Linux 8 | virt:rhel/libvirt | Not affected | | |
| Red Hat Enterprise Linux 8 Advanced Virtualization | virt:8.2/libvirt | Not affected | | |
| Red Hat Enterprise Linux 8 Advanced Virtualization | virt:8.3/libvirt | Not affected | | |
| Red Hat Storage 3 | libvirt | Not affected | | |


Additional information

Status: Moderate
Defect: CWE-732
https://bugzilla.redhat.com/show_bug.cgi?id=1866270 (libvirt: incorrect permissions on the UNIX domain socket allows local attacker to escalate privileges)

EPSS: 0.00142 (percentile: 35%, Low)

CVSS3: 7.8 High

Related vulnerabilities

CVSS3: 9.3
ubuntu
more than 5 years ago

Ubuntu's packaging of libvirt in 20.04 LTS created a control socket with world read and write permissions. An attacker could use this to overwrite arbitrary files or execute arbitrary code.

CVSS3: 9.3
nvd
more than 5 years ago

Ubuntu's packaging of libvirt in 20.04 LTS created a control socket with world read and write permissions. An attacker could use this to overwrite arbitrary files or execute arbitrary code.

CVSS3: 9.3
debian
more than 5 years ago

Ubuntu's packaging of libvirt in 20.04 LTS created a control socket wi ...

CVSS3: 7.8
github
more than 3 years ago

Ubuntu's packaging of libvirt in 20.04 LTS created a control socket with world read and write permissions. An attacker could use this to overwrite arbitrary files or execute arbitrary code.

CVSS3: 7.8
fstec
more than 5 years ago

A vulnerability in the Libvirt virtualization management library, related to incorrect permission assignment for a critical resource, allowing an attacker to escalate their privileges
