Reco

**Name of the Vulnerable Software and Affected Versions** libvirt versions 1.0.1 through 1.2.1 **Description** The issue allows local users to delete arbitrary host devices via the "virDomainDeviceDettach" API and a symlink attack on "/dev" in the container. It also enables users to create arbitrary nodes via the "virDomainDeviceAttach" API and a symlink attack on "/dev" in the container. Furthermore, it can cause a denial of service, such as shutting down or rebooting the host OS, via the "virDomainShutdown" or "virDomainReboot" API and a symlink attack on "/dev/initctl" in the container. This is related to paths under "/proc/$PID/root" and the `virInitctlSetRunLevel` function. **Recommendations** For libvirt versions 1.0.1 through 1.2.1, consider disabling the `virDomainDeviceDettach` and `virDomainDeviceAttach` APIs as a temporary workaround to prevent arbitrary device deletion and node creation. Additionally, restrict access to the `virDomainShutdown` and `virDomainReboot` APIs to minimize the risk of denial of service attacks. Avoid using the `virInitctlSetRunLevel` function until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.