Количество 11
Количество 11
CVE-2019-10168
The virConnectBaselineHypervisorCPU() and virConnectCompareHypervisorCPU() libvirt APIs, 4.x.x before 4.10.1 and 5.x.x before 5.4.1, accept an "emulator" argument to specify the program providing emulation for a domain. Since v1.2.19, libvirt will execute that program to probe the domain's capabilities. Read-only clients could specify an arbitrary path for this argument, causing libvirtd to execute a crafted executable with its own privileges.
CVE-2019-10168
The virConnectBaselineHypervisorCPU() and virConnectCompareHypervisorCPU() libvirt APIs, 4.x.x before 4.10.1 and 5.x.x before 5.4.1, accept an "emulator" argument to specify the program providing emulation for a domain. Since v1.2.19, libvirt will execute that program to probe the domain's capabilities. Read-only clients could specify an arbitrary path for this argument, causing libvirtd to execute a crafted executable with its own privileges.
CVE-2019-10168
The virConnectBaselineHypervisorCPU() and virConnectCompareHypervisorCPU() libvirt APIs, 4.x.x before 4.10.1 and 5.x.x before 5.4.1, accept an "emulator" argument to specify the program providing emulation for a domain. Since v1.2.19, libvirt will execute that program to probe the domain's capabilities. Read-only clients could specify an arbitrary path for this argument, causing libvirtd to execute a crafted executable with its own privileges.
CVE-2019-10168
The virConnectBaselineHypervisorCPU() and virConnectCompareHypervisorC ...
GHSA-v3hc-v42h-rp66
The virConnectBaselineHypervisorCPU() and virConnectCompareHypervisorCPU() libvirt APIs, 4.x.x before 4.10.1 and 5.x.x before 5.4.1, accept an "emulator" argument to specify the program providing emulation for a domain. Since v1.2.19, libvirt will execute that program to probe the domain's capabilities. Read-only clients could specify an arbitrary path for this argument, causing libvirtd to execute a crafted executable with its own privileges.
BDU:2019-02854
Уязвимость функций virConnectBaselineHypervisorCPU() и virConnectCompareHypervisorCPU() библиотеки управления виртуализацией Libvirt, позволяющая нарушителю выполнить произвольный код или повысить свои привилегии
openSUSE-SU-2019:1753-1
Security update for libvirt
SUSE-SU-2019:1643-1
Security update for libvirt
ELSA-2019-1580
ELSA-2019-1580: virt:rhel security update (IMPORTANT)
ELSA-2019-1579
ELSA-2019-1579: libvirt security and bug fix update (IMPORTANT)
ELSA-2019-4714
ELSA-2019-4714: libvirt security update (IMPORTANT)
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2019-10168 The virConnectBaselineHypervisorCPU() and virConnectCompareHypervisorCPU() libvirt APIs, 4.x.x before 4.10.1 and 5.x.x before 5.4.1, accept an "emulator" argument to specify the program providing emulation for a domain. Since v1.2.19, libvirt will execute that program to probe the domain's capabilities. Read-only clients could specify an arbitrary path for this argument, causing libvirtd to execute a crafted executable with its own privileges. | CVSS3: 7.8 | 0% Низкий | почти 6 лет назад |
 | CVE-2019-10168 The virConnectBaselineHypervisorCPU() and virConnectCompareHypervisorCPU() libvirt APIs, 4.x.x before 4.10.1 and 5.x.x before 5.4.1, accept an "emulator" argument to specify the program providing emulation for a domain. Since v1.2.19, libvirt will execute that program to probe the domain's capabilities. Read-only clients could specify an arbitrary path for this argument, causing libvirtd to execute a crafted executable with its own privileges. | CVSS3: 8.8 | 0% Низкий | около 6 лет назад |
 | CVE-2019-10168 The virConnectBaselineHypervisorCPU() and virConnectCompareHypervisorCPU() libvirt APIs, 4.x.x before 4.10.1 and 5.x.x before 5.4.1, accept an "emulator" argument to specify the program providing emulation for a domain. Since v1.2.19, libvirt will execute that program to probe the domain's capabilities. Read-only clients could specify an arbitrary path for this argument, causing libvirtd to execute a crafted executable with its own privileges. | CVSS3: 7.8 | 0% Низкий | почти 6 лет назад |
| CVE-2019-10168 The virConnectBaselineHypervisorCPU() and virConnectCompareHypervisorC ... | CVSS3: 7.8 | 0% Низкий | почти 6 лет назад |
| GHSA-v3hc-v42h-rp66 The virConnectBaselineHypervisorCPU() and virConnectCompareHypervisorCPU() libvirt APIs, 4.x.x before 4.10.1 and 5.x.x before 5.4.1, accept an "emulator" argument to specify the program providing emulation for a domain. Since v1.2.19, libvirt will execute that program to probe the domain's capabilities. Read-only clients could specify an arbitrary path for this argument, causing libvirtd to execute a crafted executable with its own privileges. | 0% Низкий | около 3 лет назад | |
 | BDU:2019-02854 Уязвимость функций virConnectBaselineHypervisorCPU() и virConnectCompareHypervisorCPU() библиотеки управления виртуализацией Libvirt, позволяющая нарушителю выполнить произвольный код или повысить свои привилегии | CVSS2: 4.6 | 0% Низкий | около 6 лет назад |
 | openSUSE-SU-2019:1753-1 Security update for libvirt | почти 6 лет назад | ||
| SUSE-SU-2019:1643-1 Security update for libvirt | около 6 лет назад | ||
| ELSA-2019-1580 ELSA-2019-1580: virt:rhel security update (IMPORTANT) | почти 6 лет назад | ||
| ELSA-2019-1579 ELSA-2019-1579: libvirt security and bug fix update (IMPORTANT) | около 6 лет назад | ||
| ELSA-2019-4714 ELSA-2019-4714: libvirt security update (IMPORTANT) | почти 6 лет назад |
Уязвимостей на страницу