Description
The virConnectGetDomainCapabilities() libvirt API, versions 4.x.x before 4.10.1 and 5.x.x before 5.4.1, accepts an "emulatorbin" argument to specify the program providing emulation for a domain. Since v1.2.19, libvirt will execute that program to probe the domain's capabilities. Read-only clients could specify an arbitrary path for this argument, causing libvirtd to execute a crafted executable with its own privileges.
Release | Status | Note |
---|---|---|
bionic | released | 4.0.0-1ubuntu8.12 |
cosmic | released | 4.6.0-2ubuntu3.8 |
devel | released | 5.4.0-0ubuntu3 |
disco | released | 5.0.0-1ubuntu2.4 |
eoan | released | 5.4.0-0ubuntu3 |
esm-infra-legacy/trusty | not-affected | |
esm-infra/bionic | not-affected | 4.0.0-1ubuntu8.12 |
esm-infra/xenial | not-affected | 1.3.1-1ubuntu10.27 |
precise/esm | not-affected | |
trusty | ignored | end of standard support |
CVSS2: 4.6 Medium
CVSS3: 7.8 High
Related vulnerabilities
A vulnerability in the virConnectGetDomainCapabilities() function of the Libvirt virtualization management library that allows an attacker to execute arbitrary code or escalate their privileges