vulnerability

CentOS Linux: CVE-2018-6764: Moderate: libvirt security, bug fix, and enhancement update (CESA-2018:3113)

Try Surface Command
Back to search
Severity
5
CVSS
(AV:L/AC:L/Au:N/C:P/I:P/A:P)
Published
Feb 23, 2018
Added
Aug 28, 2019
Modified
May 25, 2023

Description

util/virlog.c in libvirt does not properly determine the hostname on LXC container startup, which allows local guest OS users to bypass an intended container protection mechanism and execute arbitrary commands via a crafted NSS module.

Solution(s)

centos-upgrade-libvirtcentos-upgrade-libvirt-admincentos-upgrade-libvirt-bash-completioncentos-upgrade-libvirt-clientcentos-upgrade-libvirt-daemoncentos-upgrade-libvirt-daemon-config-networkcentos-upgrade-libvirt-daemon-config-nwfiltercentos-upgrade-libvirt-daemon-driver-interfacecentos-upgrade-libvirt-daemon-driver-lxccentos-upgrade-libvirt-daemon-driver-networkcentos-upgrade-libvirt-daemon-driver-nodedevcentos-upgrade-libvirt-daemon-driver-nwfiltercentos-upgrade-libvirt-daemon-driver-qemucentos-upgrade-libvirt-daemon-driver-secretcentos-upgrade-libvirt-daemon-driver-storagecentos-upgrade-libvirt-daemon-driver-storage-corecentos-upgrade-libvirt-daemon-driver-storage-diskcentos-upgrade-libvirt-daemon-driver-storage-glustercentos-upgrade-libvirt-daemon-driver-storage-iscsicentos-upgrade-libvirt-daemon-driver-storage-logicalcentos-upgrade-libvirt-daemon-driver-storage-mpathcentos-upgrade-libvirt-daemon-driver-storage-rbdcentos-upgrade-libvirt-daemon-driver-storage-scsicentos-upgrade-libvirt-daemon-kvmcentos-upgrade-libvirt-daemon-lxccentos-upgrade-libvirt-debuginfocentos-upgrade-libvirt-develcentos-upgrade-libvirt-docscentos-upgrade-libvirt-libscentos-upgrade-libvirt-lock-sanlockcentos-upgrade-libvirt-login-shellcentos-upgrade-libvirt-nss

References

Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today