CVE-2019-10168

Published: 02/08/2019 Updated: 15/10/2020
CVSS v2 Base Score: 4.6 | Impact Score: 6.4 | Exploitability Score: 3.9
CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8
VMScore: 409
Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

The virConnectBaselineHypervisorCPU() and virConnectCompareHypervisorCPU() APIs in libvirt 4.x.x prior to 4.10.1 and 5.x.x prior to 5.4.1 accept an "emulator" argument that specifies the program providing emulation for a domain. Since v1.2.19, libvirt executes that program to probe the domain's capabilities. Read-only clients could specify an arbitrary path for this argument, causing libvirtd to execute a crafted executable with its own privileges.

Vulnerable Product

redhat libvirt

redhat enterprise linux workstation 6.0

redhat enterprise linux desktop 6.0

redhat enterprise linux server 6.0

redhat virtualization 4.3

redhat enterprise linux server eus 7.6

redhat enterprise linux server tus 7.6

redhat enterprise linux 7.0

redhat enterprise linux workstation 7.0

redhat enterprise linux desktop 7.0

redhat enterprise linux server 7.0

redhat enterprise linux 8.0

redhat enterprise linux server aus 7.6

Vendor Advisories

Several security issues were fixed in libvirt ...
Synopsis: Important: libvirt security and bug fix update. Type/Severity: Security Advisory: Important. Topic: An update for libvirt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) ...
Synopsis: Important: virt:rhel security update. Type/Severity: Security Advisory: Important. Topic: An update for the virt:rhel module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CV ...
Synopsis: Important: virt:800 security update. Type/Severity: Security Advisory: Important. Topic: An update for the virt:800 module is now available for Red Hat Enterprise Linux 8 Advanced Virtualization. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulner ...
Synopsis: Important: redhat-virtualization-host security and enhancement update. Type/Severity: Security Advisory: Important. Topic: An update for redhat-virtualization-host is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a sec ...
Impact: Important. Public Date: 2019-06-20. CWE: (CWE-284|CWE-250). Bugzilla: 1720118: CVE-2019-10168 libv ...
Uncacheable memory on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access (CVE-2019-11091). Modern Intel microprocessors implement hardware-level micro-optimizations to improve the performance of writing data back to CPU caches. The wr ...