Описание
The virConnectBaselineHypervisorCPU() and virConnectCompareHypervisorCPU() libvirt APIs, 4.x.x before 4.10.1 and 5.x.x before 5.4.1, accept an "emulator" argument to specify the program providing emulation for a domain. Since v1.2.19, libvirt will execute that program to probe the domain's capabilities. Read-only clients could specify an arbitrary path for this argument, causing libvirtd to execute a crafted executable with its own privileges.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | not-affected | code not present |
| cosmic | released | 4.6.0-2ubuntu3.8 |
| devel | released | 5.4.0-0ubuntu3 |
| disco | released | 5.0.0-1ubuntu2.4 |
| esm-infra-legacy/trusty | not-affected | code not present |
| esm-infra/bionic | not-affected | code not present |
| esm-infra/xenial | not-affected | code not present |
| precise/esm | not-affected | code not present |
| trusty | ignored | end of standard support |
| trusty/esm | not-affected | code not present |
Показывать по
EPSS
4.6 Medium
CVSS2
7.8 High
CVSS3
Связанные уязвимости
The virConnectBaselineHypervisorCPU() and virConnectCompareHypervisorCPU() libvirt APIs, 4.x.x before 4.10.1 and 5.x.x before 5.4.1, accept an "emulator" argument to specify the program providing emulation for a domain. Since v1.2.19, libvirt will execute that program to probe the domain's capabilities. Read-only clients could specify an arbitrary path for this argument, causing libvirtd to execute a crafted executable with its own privileges.
The virConnectBaselineHypervisorCPU() and virConnectCompareHypervisorCPU() libvirt APIs, 4.x.x before 4.10.1 and 5.x.x before 5.4.1, accept an "emulator" argument to specify the program providing emulation for a domain. Since v1.2.19, libvirt will execute that program to probe the domain's capabilities. Read-only clients could specify an arbitrary path for this argument, causing libvirtd to execute a crafted executable with its own privileges.
The virConnectBaselineHypervisorCPU() and virConnectCompareHypervisorC ...
The virConnectBaselineHypervisorCPU() and virConnectCompareHypervisorCPU() libvirt APIs, 4.x.x before 4.10.1 and 5.x.x before 5.4.1, accept an "emulator" argument to specify the program providing emulation for a domain. Since v1.2.19, libvirt will execute that program to probe the domain's capabilities. Read-only clients could specify an arbitrary path for this argument, causing libvirtd to execute a crafted executable with its own privileges.
Уязвимость функций virConnectBaselineHypervisorCPU() и virConnectCompareHypervisorCPU() библиотеки управления виртуализацией Libvirt, позволяющая нарушителю выполнить произвольный код или повысить свои привилегии
EPSS
4.6 Medium
CVSS2
7.8 High
CVSS3