PT-2019-2884 · Red Hat+4 · Libvirt+5

Doran Moppert · Published 2019-06-20 · Updated 2024-06-15 · CVE-2019-10167

CVSS v3.1: 8.8 (High)
Vector: AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
libvirt 4.x.x through 4.10.0
libvirt 5.x.x through 5.4.0

Description
The virConnectGetDomainCapabilities() API in libvirt accepts an emulatorbin argument that names the program providing emulation for a domain. Since libvirt 1.2.19, libvirtd executes that program in order to probe the domain's capabilities. Because the API was reachable over read-only connections, a read-only client could pass an arbitrary path as emulatorbin and have libvirtd execute a crafted executable with libvirtd's own privileges (root, for the system libvirtd instance). The root cause is missing authorization: the caller's privilege level was never checked against the side effect of running the named binary.

Recommendations
For libvirt 4.x.x through 4.10.0, update to 4.10.1 or later; for libvirt 5.x.x through 5.4.0, update to 5.4.1 or later, or install the vendor package named in the related advisories below. Until a patched build is installed, restrict who can reach virConnectGetDomainCapabilities(): the attacker needs only read-only access to libvirtd, so read-only connections must not be available to untrusted users, and no untrusted value should be passed as emulatorbin.
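As an added check (example code written for this page, not libvirt's own tooling), the following Python script decides whether a libvirt version string falls inside the affected ranges listed above. It parses the `libvirtd (libvirt) X.Y.Z` line printed by `libvirtd --version`, or a bare package version with a distro release suffix; the sample lines are constructed. Caveat: distribution packages such as those in the related advisories carry backported fixes under the original upstream number, so an "affected" verdict from the upstream version alone is only a screening result, and the installed package version must still be compared against the vendor advisory.

```python
import re
from typing import Optional, Tuple

Version = Tuple[int, int, int]

# Affected ranges exactly as the advisory states them: 4.x.x up to and
# including 4.10.0 (fixed in 4.10.1) and 5.x.x up to and including 5.4.0
# (fixed in 5.4.1). Stored as [first, fixed) per major line.
AFFECTED_RANGES = {
    4: ((4, 0, 0), (4, 10, 1)),
    5: ((5, 0, 0), (5, 4, 1)),
}

# First X.Y.Z in the text; works for the "libvirtd (libvirt) X.Y.Z" line that
# `libvirtd --version` prints and for a bare package version such as
# "4.5.0-10.el7" (the distro release suffix after "-" is deliberately ignored,
# which is exactly why this is a screen and not a final verdict).
_VERSION_RE = re.compile(r"(\d+)\.(\d+)\.(\d+)")


def parse_version(text: str) -> Optional[Version]:
    """Return the first X.Y.Z found in text as an int tuple, or None."""
    m = _VERSION_RE.search(text)
    if m is None:
        return None
    major, minor, micro = (int(g) for g in m.groups())
    return (major, minor, micro)


def is_affected(version: Version) -> Optional[bool]:
    """True if the upstream version lies in an affected range, False if it is at
    or past the fixed release of its line, None if the major version is outside
    the ranges the advisory gives (e.g. 3.x or 6.x)."""
    line = AFFECTED_RANGES.get(version[0])
    if line is None:
        return None
    first, fixed = line
    return first <= version < fixed


def assess(version_output: str) -> str:
    """One-line verdict for a `libvirtd --version` line or a package version."""
    version = parse_version(version_output)
    if version is None:
        return "unknown: no X.Y.Z version found"
    label = "%d.%d.%d" % version
    verdict = is_affected(version)
    if verdict is None:
        return "%s: outside the advisory's ranges; consult the vendor advisory" % label
    if verdict:
        fixed = "%d.%d.%d" % AFFECTED_RANGES[version[0]][1]
        return "%s: affected, upstream fix in %s" % (label, fixed)
    return "%s: not affected by upstream version" % label


# Constructed sample lines (not real host output) covering each branch:
# affected, last affected release, first fixed release, a later release,
# a distro package with a release suffix, and a major version not covered.
SAMPLE_OUTPUTS = [
    "libvirtd (libvirt) 4.5.0",
    "libvirtd (libvirt) 5.4.0",
    "libvirtd (libvirt) 5.4.1",
    "libvirtd (libvirt) 5.5.0",
    "4.5.0-10.el7",
    "libvirtd (libvirt) 3.9.0",
]

if __name__ == "__main__":
    for line in SAMPLE_OUTPUTS:
        print(assess(line))
```

Run it against the output of `libvirtd --version` on the host, or against `rpm -q libvirt-daemon` / `dpkg -s libvirt-daemon` output; a 3.x result is reported as outside the advisory's stated ranges rather than as safe, since the description notes the probing behaviour exists since 1.2.19.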

Fix

Weakness Enumeration

Improper Access Control
Missing Authorization
Path traversal

Related Identifiers

ALT-PU-2019-2222
ALT-PU-2019-2225
BDU:2019-02853
CESA-2019:1579
CESA-2019:1580
CVE-2019-10167
DLA-1832-1
DSA-4469-1
MGASA-2019-0390
OPENSUSE-SU-2019:1672-1
OPENSUSE-SU-2019:1753-1
OPENSUSE-SU-2024:11008-1
RHSA-2019:1579
RHSA-2019:1580
RHSA-2019:1699
RHSA-2019:1762
SUSE-SU-2019:1599-1
SUSE-SU-2019:1637-1
SUSE-SU-2019:1643-1
SUSE-SU-2019:1686-1
SUSE-SU-2019:2105-1
SUSE-SU-2019:2227-1
SUSE-SU-2019:2227-2
USN-4047-1

Affected Products

Alt Linux
Centos
Red Hat
Suse
Ubuntu
Libvirt