PT-2019-2887 · Libvirt+5

Daniel P. Berrangé · Published 2018-04-02 · Updated 2024-06-15

CVE-2019-10132

CVSS v3.1: 8.8 (High)

Vector: AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: libvirt versions 4.1.0 and later (releases before the fix)

Description: A vulnerability was found in the virtlockd-admin.socket and virtlogd-admin.socket systemd units of libvirt. Their [Socket] sections lack a SocketMode= directive, so systemd creates the socket files virtlockd-admin-sock and virtlogd-admin-sock with its default mode of 0666. Any local user on the host can therefore connect to the admin sockets and perform administrative tasks against the virtlockd and virtlogd daemons. This could allow an attacker to elevate their privileges.

Recommendations: For libvirt versions 4.1.0 and later, add a SocketMode= directive to the [Socket] section of virtlockd-admin.socket and virtlogd-admin.socket (the upstream fix sets SocketMode=0600, owner-only), then reload systemd and restart the socket units so the socket files are recreated with the new mode. As a temporary workaround where the units cannot be changed, restrict access to the virtlockd-admin-sock and virtlogd-admin-sock socket files themselves (for example chmod 0600), keeping in mind that systemd reapplies the mode from the unit whenever the socket is restarted, so the drop-in is the durable fix.
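The following is an added example, not code from libvirt or any distribution advisory: a small POSIX shell audit that reads a .socket unit text, reports the effective SocketMode= (falling back to systemd's documented default of 0666 when the directive is missing, which is the CVE-2019-10132 condition), and produces the drop-in that closes it. The unit text is a constructed sample modelled on the pre-fix virtlockd-admin.socket; the exact upstream text may differ, and the harden_admin_socket function (name and drop-in file name are my choice) only runs when invoked with --apply on a real host as root.

```shell
#!/bin/sh
# Added example (not libvirt or distro code): audit a systemd .socket unit for the
# CVE-2019-10132 pattern (no SocketMode= in [Socket], so systemd applies its default
# 0666) and emit the drop-in that closes it. Runs offline on constructed unit text.

# Constructed sample modelled on the pre-fix virtlockd-admin.socket. The exact upstream
# text may differ; what matters is that [Socket] carries no SocketMode= line.
VULN_UNIT='[Unit]
Description=Virtual machine lock manager admin socket
Before=libvirtd.service
BindsTo=virtlockd.socket
After=virtlockd.socket

[Socket]
ListenStream=/run/libvirt/virtlockd-admin-sock
Service=virtlockd.service

[Install]
WantedBy=sockets.target'

# Drop-in restricting the socket file to its owner (root). Drop-ins are merged into the
# named section, so the one directive is all it needs to carry.
DROPIN='[Socket]
SocketMode=0600'

# systemd merges drop-ins after the main unit and the last assignment wins;
# concatenating the two texts models that.
FIXED_UNIT=$(printf '%s\n%s\n' "$VULN_UNIT" "$DROPIN")

# Print the effective SocketMode= of a unit text (last assignment in [Socket] wins),
# falling back to systemd's documented default of 0666 when the directive is absent.
socket_mode() {
  printf '%s\n' "$1" | awk '
    /^[[:space:]]*\[/ { sect = $0; gsub(/[[:space:]]|\[|\]/, "", sect); next }
    sect == "Socket" && /^[[:space:]]*SocketMode[[:space:]]*=/ {
      sub(/^[^=]*=[[:space:]]*/, ""); sub(/[[:space:]]+$/, ""); mode = $0 }
    END { print (mode == "" ? "0666" : mode) }'
}

# Succeed (exit 0) when any group or other permission bit is set, i.e. when every
# local user could connect to the admin socket.
world_accessible() {
  mode=$(socket_mode "$1")
  [ $(( 0$mode & 63 )) -ne 0 ]   # 63 == 077: the group+other bits of the octal mode
}

# Write the drop-in for a real unit, reload systemd and recreate the socket file.
# Needs root on an actual host; not exercised by the offline demo below.
harden_admin_socket() {
  unit=$1
  mkdir -p "/etc/systemd/system/$unit.d"
  printf '%s\n' "$DROPIN" > "/etc/systemd/system/$unit.d/10-socketmode.conf"
  systemctl daemon-reload
  systemctl restart "$unit"
  systemctl show -p SocketMode "$unit"          # expect SocketMode=0600 afterwards
}

report() {   # $1 = label, $2 = unit text
  if world_accessible "$2"; then
    echo "$1: SocketMode=$(socket_mode "$2") -> any local user can connect (CVE-2019-10132 pattern)"
  else
    echo "$1: SocketMode=$(socket_mode "$2") -> owner only"
  fi
}

report VULN_UNIT "$VULN_UNIT"
report FIXED_UNIT "$FIXED_UNIT"

if [ "${1-}" = "--apply" ]; then
  harden_admin_socket virtlockd-admin.socket
  harden_admin_socket virtlogd-admin.socket
fi
```

On a live host the same parser can be pointed at the installed unit plus its drop-ins with `socket_mode "$(systemctl cat virtlockd-admin.socket)"` (the `#`-prefixed path lines that systemctl cat emits are ignored). After applying the drop-in, confirm the on-disk result with `stat -c '%a %U' /run/libvirt/virtlockd-admin-sock`: the mode should read 600 and the owner root, and the same for virtlogd-admin-sock.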

Weakness Enumeration

Incorrect Permission

Related Identifiers

ALT-PU-2018-1530
ALT-PU-2019-1991
ALT-PU-2019-1995
BDU:2019-02856
CESA-2019:1264
CESA-2019:1268
CVE-2019-10132
MGASA-2019-0390
OPENSUSE-SU-2024:11008-1
RHSA-2019:1264
RHSA-2019:1268
RHSA-2019:1455
SUSE-SU-2019:1490-1
USN-4021-1

Affected Products

ALT Linux
CentOS
Red Hat
SUSE
Ubuntu
libvirt