Описание
The virSecurityManagerSetProcessLabel function in libvirt 0.10.2.7, 1.0.5.5, and 1.1.1, when the domain has read an uid:gid label, does not properly set group memberships, which allows local users to gain privileges.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 1.1.1-0ubuntu5 |
| lucid | not-affected | code not present |
| precise | not-affected | code not present |
| quantal | not-affected | code not present |
| raring | not-affected | code not present |
| upstream | released | 1.1.2-2 |
Показывать по
EPSS
6.9 Medium
CVSS2
Связанные уязвимости
The virSecurityManagerSetProcessLabel function in libvirt 0.10.2.7, 1.0.5.5, and 1.1.1, when the domain has read an uid:gid label, does not properly set group memberships, which allows local users to gain privileges.
The virSecurityManagerSetProcessLabel function in libvirt 0.10.2.7, 1.0.5.5, and 1.1.1, when the domain has read an uid:gid label, does not properly set group memberships, which allows local users to gain privileges.
The virSecurityManagerSetProcessLabel function in libvirt 0.10.2.7, 1. ...
The virSecurityManagerSetProcessLabel function in libvirt 0.10.2.7, 1.0.5.5, and 1.1.1, when the domain has read an uid:gid label, does not properly set group memberships, which allows local users to gain privileges.
EPSS
6.9 Medium
CVSS2