Количество 14
Количество 14
GHSA-g9cg-gvh5-48hm
It was discovered that libvirtd, versions 4.x.x before 4.10.1 and 5.x.x before 5.4.1, would permit readonly clients to use the virDomainManagedSaveDefineXML() API, which would permit them to modify managed save state files. If a managed save had already been created by a privileged user, a local attacker could modify this file such that libvirtd would execute an arbitrary program when the domain was resumed.
CVE-2019-10166
It was discovered that libvirtd, versions 4.x.x before 4.10.1 and 5.x.x before 5.4.1, would permit readonly clients to use the virDomainManagedSaveDefineXML() API, which would permit them to modify managed save state files. If a managed save had already been created by a privileged user, a local attacker could modify this file such that libvirtd would execute an arbitrary program when the domain was resumed.
CVE-2019-10166
It was discovered that libvirtd, versions 4.x.x before 4.10.1 and 5.x.x before 5.4.1, would permit readonly clients to use the virDomainManagedSaveDefineXML() API, which would permit them to modify managed save state files. If a managed save had already been created by a privileged user, a local attacker could modify this file such that libvirtd would execute an arbitrary program when the domain was resumed.
CVE-2019-10166
It was discovered that libvirtd, versions 4.x.x before 4.10.1 and 5.x.x before 5.4.1, would permit readonly clients to use the virDomainManagedSaveDefineXML() API, which would permit them to modify managed save state files. If a managed save had already been created by a privileged user, a local attacker could modify this file such that libvirtd would execute an arbitrary program when the domain was resumed.
CVE-2019-10166
It was discovered that libvirtd, versions 4.x.x before 4.10.1 and 5.x. ...
BDU:2019-02445
Уязвимость функции virDomainManagedSaveDefineXML библиотеки libvirtd, позволяющая нарушителю изменять произвольные файлы
openSUSE-SU-2019:1672-1
Security update for libvirt
SUSE-SU-2019:1637-1
Security update for libvirt
SUSE-SU-2019:1599-1
Security update for libvirt
openSUSE-SU-2019:1753-1
Security update for libvirt
SUSE-SU-2019:1643-1
Security update for libvirt
ELSA-2019-1580
ELSA-2019-1580: virt:ol security update (IMPORTANT)
ELSA-2019-1579
ELSA-2019-1579: libvirt security and bug fix update (IMPORTANT)
ELSA-2019-4714
ELSA-2019-4714: libvirt security update (IMPORTANT)
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
| GHSA-g9cg-gvh5-48hm It was discovered that libvirtd, versions 4.x.x before 4.10.1 and 5.x.x before 5.4.1, would permit readonly clients to use the virDomainManagedSaveDefineXML() API, which would permit them to modify managed save state files. If a managed save had already been created by a privileged user, a local attacker could modify this file such that libvirtd would execute an arbitrary program when the domain was resumed. | 0% Низкий | почти 4 года назад | |
 | CVE-2019-10166 It was discovered that libvirtd, versions 4.x.x before 4.10.1 and 5.x.x before 5.4.1, would permit readonly clients to use the virDomainManagedSaveDefineXML() API, which would permit them to modify managed save state files. If a managed save had already been created by a privileged user, a local attacker could modify this file such that libvirtd would execute an arbitrary program when the domain was resumed. | CVSS3: 7.8 | 0% Низкий | больше 6 лет назад |
 | CVE-2019-10166 It was discovered that libvirtd, versions 4.x.x before 4.10.1 and 5.x.x before 5.4.1, would permit readonly clients to use the virDomainManagedSaveDefineXML() API, which would permit them to modify managed save state files. If a managed save had already been created by a privileged user, a local attacker could modify this file such that libvirtd would execute an arbitrary program when the domain was resumed. | CVSS3: 7.8 | 0% Низкий | почти 7 лет назад |
 | CVE-2019-10166 It was discovered that libvirtd, versions 4.x.x before 4.10.1 and 5.x.x before 5.4.1, would permit readonly clients to use the virDomainManagedSaveDefineXML() API, which would permit them to modify managed save state files. If a managed save had already been created by a privileged user, a local attacker could modify this file such that libvirtd would execute an arbitrary program when the domain was resumed. | CVSS3: 7.8 | 0% Низкий | больше 6 лет назад |
| CVE-2019-10166 It was discovered that libvirtd, versions 4.x.x before 4.10.1 and 5.x. ... | CVSS3: 7.8 | 0% Низкий | больше 6 лет назад |
 | BDU:2019-02445 Уязвимость функции virDomainManagedSaveDefineXML библиотеки libvirtd, позволяющая нарушителю изменять произвольные файлы | CVSS2: 4.6 | 0% Низкий | почти 7 лет назад |
 | openSUSE-SU-2019:1672-1 Security update for libvirt | больше 6 лет назад | ||
| SUSE-SU-2019:1637-1 Security update for libvirt | почти 7 лет назад | ||
| SUSE-SU-2019:1599-1 Security update for libvirt | почти 7 лет назад | ||
| openSUSE-SU-2019:1753-1 Security update for libvirt | больше 6 лет назад | ||
| SUSE-SU-2019:1643-1 Security update for libvirt | почти 7 лет назад | ||
| ELSA-2019-1580 ELSA-2019-1580: virt:ol security update (IMPORTANT) | больше 6 лет назад | ||
| ELSA-2019-1579 ELSA-2019-1579: libvirt security and bug fix update (IMPORTANT) | почти 7 лет назад | ||
| ELSA-2019-4714 ELSA-2019-4714: libvirt security update (IMPORTANT) | больше 6 лет назад |
Уязвимостей на страницу