PT-2019-2885 · Libvirt+5
Published: 2019-06-13 · Updated: 2024-06-15
CVE-2019-10168
CVSS v3.1: 8.8 (High)
| Vector | AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
libvirt versions 4.x.x through 4.10.0
libvirt versions 5.x.x through 5.4.0
Description
The issue is caused by access control errors in the virConnectBaselineHypervisorCPU() and virConnectCompareHypervisorCPU() functions of the libvirt library. Exploitation of this issue may allow an attacker to execute arbitrary code or elevate their privileges. The virConnectBaselineHypervisorCPU() and virConnectCompareHypervisorCPU() APIs accept an emulator argument, which can be used to specify the program providing emulation for a domain. Since version 1.2.19, libvirt executes the specified program to probe the domain's capabilities, allowing read-only clients to potentially execute a crafted executable with elevated privileges by specifying an arbitrary path for the emulator argument.
Recommendations
For libvirt versions 4.x.x through 4.10.0, update to version 4.10.1 or later.
For libvirt versions 5.x.x through 5.4.0, update to version 5.4.1 or later.
As a temporary workaround, consider restricting access to the virConnectBaselineHypervisorCPU() and virConnectCompareHypervisorCPU() functions until a patch is available.
Fix
Improper Access Control
Path traversal
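The root cause described above is a privileged daemon executing a program whose path is chosen by a low-privilege client. The following Python is an added illustration of the defensive pattern that closes that gap (it is not libvirt's code and not the upstream fix): a client-supplied emulator path is canonicalised and accepted only if it resolves to a binary the daemon already knows, so a read-only caller can no longer steer execution to a path of their choosing. The allowlist contents, the function names and the `runner` hook that stands in for process execution are all assumptions made for the example.

```python
"""
Allowlist check for a client-supplied emulator path.

Added example for the CVE-2019-10168 advisory; not libvirt code. The
function names, the allowlist and the runner hook are assumptions.
"""
import os
from pathlib import Path

# Constructed allowlist: emulator binaries the daemon already knows about.
# A real service would derive this from its own capability cache rather
# than hard-code it (assumption for the example).
KNOWN_EMULATORS = frozenset({
    "/usr/bin/qemu-system-x86_64",
    "/usr/bin/qemu-system-aarch64",
})


def check_emulator(emulator, known=KNOWN_EMULATORS, resolve=os.path.realpath):
    """Return (True, canonical_path) if the path is acceptable, else (False, reason).

    Rules enforced:
      * the value must be a non-empty absolute path;
      * it must not contain '..' components (pathlib already collapses '.');
      * after symlink resolution it must be one of the known emulators.
    `resolve` is injectable so the check can be exercised without touching
    the real filesystem.
    """
    if not isinstance(emulator, str) or not emulator:
        return False, "emulator must be a non-empty string"
    if not os.path.isabs(emulator):
        return False, f"emulator must be an absolute path: {emulator!r}"
    if ".." in Path(emulator).parts:
        return False, f"traversal component in emulator path: {emulator!r}"
    canonical = resolve(emulator)
    if canonical not in known:
        return False, f"emulator not in allowlist: {emulator!r} -> {canonical!r}"
    return True, canonical


def probe_hypervisor_cpu(emulator, runner, known=KNOWN_EMULATORS,
                         resolve=os.path.realpath):
    """Hardened stand-in for the server side of the hypervisor CPU APIs.

    The weak behaviour the advisory describes is to hand `emulator` to the
    process launcher unchecked. Here the allowlist check runs first and the
    launcher (`runner`, a hypothetical hook) is only ever given a canonical,
    known path. Returns a small audit record either way.
    """
    ok, detail = check_emulator(emulator, known, resolve)
    if not ok:
        return {"executed": False, "reason": detail}
    runner(detail)
    return {"executed": True, "emulator": detail}


if __name__ == "__main__":
    launched = []            # records what the fake launcher was asked to run
    fake_launch = launched.append
    for candidate in ("/usr/bin/qemu-system-x86_64",
                      "/tmp/attacker-controlled",
                      "/usr/bin/../../tmp/attacker-controlled"):
        print(candidate, "->", probe_hypervisor_cpu(candidate, fake_launch,
                                                    resolve=lambda p: p))
    print("launched:", launched)
```

Injecting `resolve` keeps the check testable; in production the default `os.path.realpath` is what matters, because a symlink under an innocuous-looking directory must be judged by where it actually points. The audit record returned on rejection is the kind of event worth logging and alerting on, since a read-only client naming unexpected emulator paths is itself a signal.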
Related Identifiers
Affected Products
Alt Linux
Centos
Red Hat
Suse
Ubuntu
Libvirt