Описание
libvirt 1.1.1 through 1.2.0 allows context-dependent attackers to bypass the domain:getattr and connect:search_domains restrictions in ACLs and obtain sensitive domain object information via a request to the (1) virConnectDomainEventRegister and (2) virConnectDomainEventRegisterAny functions in the event registration API.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 1.2.1-0ubuntu2 |
| lucid | not-affected | |
| precise | not-affected | |
| quantal | not-affected | |
| raring | ignored | end of life |
| saucy | released | 1.1.1-0ubuntu8.5 |
| upstream | released | 1.2.1 |
Показывать по
EPSS
4.3 Medium
CVSS2
Связанные уязвимости
libvirt 1.1.1 through 1.2.0 allows context-dependent attackers to bypass the domain:getattr and connect:search_domains restrictions in ACLs and obtain sensitive domain object information via a request to the (1) virConnectDomainEventRegister and (2) virConnectDomainEventRegisterAny functions in the event registration API.
libvirt 1.1.1 through 1.2.0 allows context-dependent attackers to bypass the domain:getattr and connect:search_domains restrictions in ACLs and obtain sensitive domain object information via a request to the (1) virConnectDomainEventRegister and (2) virConnectDomainEventRegisterAny functions in the event registration API.
libvirt 1.1.1 through 1.2.0 allows context-dependent attackers to bypa ...
libvirt 1.1.1 through 1.2.0 allows context-dependent attackers to bypass the domain:getattr and connect:search_domains restrictions in ACLs and obtain sensitive domain object information via a request to the (1) virConnectDomainEventRegister and (2) virConnectDomainEventRegisterAny functions in the event registration API.
EPSS
4.3 Medium
CVSS2