Количество 14
Количество 14
GHSA-g9cg-gvh5-48hm
It was discovered that libvirtd, versions 4.x.x before 4.10.1 and 5.x.x before 5.4.1, would permit readonly clients to use the virDomainManagedSaveDefineXML() API, which would permit them to modify managed save state files. If a managed save had already been created by a privileged user, a local attacker could modify this file such that libvirtd would execute an arbitrary program when the domain was resumed.
CVE-2019-10166
It was discovered that libvirtd, versions 4.x.x before 4.10.1 and 5.x.x before 5.4.1, would permit readonly clients to use the virDomainManagedSaveDefineXML() API, which would permit them to modify managed save state files. If a managed save had already been created by a privileged user, a local attacker could modify this file such that libvirtd would execute an arbitrary program when the domain was resumed.
CVE-2019-10166
It was discovered that libvirtd, versions 4.x.x before 4.10.1 and 5.x.x before 5.4.1, would permit readonly clients to use the virDomainManagedSaveDefineXML() API, which would permit them to modify managed save state files. If a managed save had already been created by a privileged user, a local attacker could modify this file such that libvirtd would execute an arbitrary program when the domain was resumed.
CVE-2019-10166
It was discovered that libvirtd, versions 4.x.x before 4.10.1 and 5.x.x before 5.4.1, would permit readonly clients to use the virDomainManagedSaveDefineXML() API, which would permit them to modify managed save state files. If a managed save had already been created by a privileged user, a local attacker could modify this file such that libvirtd would execute an arbitrary program when the domain was resumed.
CVE-2019-10166
It was discovered that libvirtd, versions 4.x.x before 4.10.1 and 5.x. ...
BDU:2019-02445
Уязвимость функции virDomainManagedSaveDefineXML библиотеки libvirtd, позволяющая нарушителю изменять произвольные файлы
openSUSE-SU-2019:1672-1
Security update for libvirt
SUSE-SU-2019:1637-1
Security update for libvirt
SUSE-SU-2019:1599-1
Security update for libvirt
openSUSE-SU-2019:1753-1
Security update for libvirt
SUSE-SU-2019:1643-1
Security update for libvirt
ELSA-2019-1580
ELSA-2019-1580: virt:rhel security update (IMPORTANT)
ELSA-2019-1579
ELSA-2019-1579: libvirt security and bug fix update (IMPORTANT)
ELSA-2019-4714
ELSA-2019-4714: libvirt security update (IMPORTANT)
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
| GHSA-g9cg-gvh5-48hm It was discovered that libvirtd, versions 4.x.x before 4.10.1 and 5.x.x before 5.4.1, would permit readonly clients to use the virDomainManagedSaveDefineXML() API, which would permit them to modify managed save state files. If a managed save had already been created by a privileged user, a local attacker could modify this file such that libvirtd would execute an arbitrary program when the domain was resumed. | 0% Низкий | около 3 лет назад | |
 | CVE-2019-10166 It was discovered that libvirtd, versions 4.x.x before 4.10.1 and 5.x.x before 5.4.1, would permit readonly clients to use the virDomainManagedSaveDefineXML() API, which would permit them to modify managed save state files. If a managed save had already been created by a privileged user, a local attacker could modify this file such that libvirtd would execute an arbitrary program when the domain was resumed. | CVSS3: 7.8 | 0% Низкий | почти 6 лет назад |
 | CVE-2019-10166 It was discovered that libvirtd, versions 4.x.x before 4.10.1 and 5.x.x before 5.4.1, would permit readonly clients to use the virDomainManagedSaveDefineXML() API, which would permit them to modify managed save state files. If a managed save had already been created by a privileged user, a local attacker could modify this file such that libvirtd would execute an arbitrary program when the domain was resumed. | CVSS3: 7.8 | 0% Низкий | около 6 лет назад |
 | CVE-2019-10166 It was discovered that libvirtd, versions 4.x.x before 4.10.1 and 5.x.x before 5.4.1, would permit readonly clients to use the virDomainManagedSaveDefineXML() API, which would permit them to modify managed save state files. If a managed save had already been created by a privileged user, a local attacker could modify this file such that libvirtd would execute an arbitrary program when the domain was resumed. | CVSS3: 7.8 | 0% Низкий | почти 6 лет назад |
| CVE-2019-10166 It was discovered that libvirtd, versions 4.x.x before 4.10.1 and 5.x. ... | CVSS3: 7.8 | 0% Низкий | почти 6 лет назад |
 | BDU:2019-02445 Уязвимость функции virDomainManagedSaveDefineXML библиотеки libvirtd, позволяющая нарушителю изменять произвольные файлы | CVSS2: 4.6 | 0% Низкий | около 6 лет назад |
 | openSUSE-SU-2019:1672-1 Security update for libvirt | почти 6 лет назад | ||
| SUSE-SU-2019:1637-1 Security update for libvirt | около 6 лет назад | ||
| SUSE-SU-2019:1599-1 Security update for libvirt | около 6 лет назад | ||
| openSUSE-SU-2019:1753-1 Security update for libvirt | почти 6 лет назад | ||
| SUSE-SU-2019:1643-1 Security update for libvirt | около 6 лет назад | ||
| ELSA-2019-1580 ELSA-2019-1580: virt:rhel security update (IMPORTANT) | почти 6 лет назад | ||
| ELSA-2019-1579 ELSA-2019-1579: libvirt security and bug fix update (IMPORTANT) | около 6 лет назад | ||
| ELSA-2019-4714 ELSA-2019-4714: libvirt security update (IMPORTANT) | почти 6 лет назад |
Уязвимостей на страницу