Rapid7 Vulnerability & Exploit Database

CentOS: (CVE-2019-10166) CESA-2019:1579: libvirt

Back to Search

CentOS: (CVE-2019-10166) CESA-2019:1579: libvirt

Severity
4
CVSS
(AV:L/AC:M/Au:N/C:P/I:P/A:P)
Published
06/20/2019
Created
06/25/2019
Added
06/21/2019
Modified
06/21/2019

Description

Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.

From CESA-2019:1579:

The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition, libvirt provides tools for remote management of virtualized systems.

Security Fix(es):

libvirt: arbitrary file read/exec via virDomainSaveImageGetXMLDesc API (CVE-2019-10161)libvirt: virDomainManagedSaveDefineXML API exposed to readonly clients (CVE-2019-10166)libvirt: arbitrary command execution via virConnectGetDomainCapabilities API (CVE-2019-10167)libvirt: arbitrary command execution via virConnectBaselineHypervisorCPU and virConnectCompareHypervisorCPU APIs (CVE-2019-10168)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

Live migration fail with unsafe error when GPFS is used as shared filesystem (BZ#1715867)

Solution(s)

  • centos-upgrade-libvirt
  • centos-upgrade-libvirt-admin
  • centos-upgrade-libvirt-bash-completion
  • centos-upgrade-libvirt-client
  • centos-upgrade-libvirt-daemon
  • centos-upgrade-libvirt-daemon-config-network
  • centos-upgrade-libvirt-daemon-config-nwfilter
  • centos-upgrade-libvirt-daemon-driver-interface
  • centos-upgrade-libvirt-daemon-driver-lxc
  • centos-upgrade-libvirt-daemon-driver-network
  • centos-upgrade-libvirt-daemon-driver-nodedev
  • centos-upgrade-libvirt-daemon-driver-nwfilter
  • centos-upgrade-libvirt-daemon-driver-qemu
  • centos-upgrade-libvirt-daemon-driver-secret
  • centos-upgrade-libvirt-daemon-driver-storage
  • centos-upgrade-libvirt-daemon-driver-storage-core
  • centos-upgrade-libvirt-daemon-driver-storage-disk
  • centos-upgrade-libvirt-daemon-driver-storage-gluster
  • centos-upgrade-libvirt-daemon-driver-storage-iscsi
  • centos-upgrade-libvirt-daemon-driver-storage-logical
  • centos-upgrade-libvirt-daemon-driver-storage-mpath
  • centos-upgrade-libvirt-daemon-driver-storage-rbd
  • centos-upgrade-libvirt-daemon-driver-storage-scsi
  • centos-upgrade-libvirt-daemon-kvm
  • centos-upgrade-libvirt-daemon-lxc
  • centos-upgrade-libvirt-devel
  • centos-upgrade-libvirt-docs
  • centos-upgrade-libvirt-libs
  • centos-upgrade-libvirt-lock-sanlock
  • centos-upgrade-libvirt-login-shell
  • centos-upgrade-libvirt-nss

References

  • centos-upgrade-libvirt
  • centos-upgrade-libvirt-admin
  • centos-upgrade-libvirt-bash-completion
  • centos-upgrade-libvirt-client
  • centos-upgrade-libvirt-daemon
  • centos-upgrade-libvirt-daemon-config-network
  • centos-upgrade-libvirt-daemon-config-nwfilter
  • centos-upgrade-libvirt-daemon-driver-interface
  • centos-upgrade-libvirt-daemon-driver-lxc
  • centos-upgrade-libvirt-daemon-driver-network
  • centos-upgrade-libvirt-daemon-driver-nodedev
  • centos-upgrade-libvirt-daemon-driver-nwfilter
  • centos-upgrade-libvirt-daemon-driver-qemu
  • centos-upgrade-libvirt-daemon-driver-secret
  • centos-upgrade-libvirt-daemon-driver-storage
  • centos-upgrade-libvirt-daemon-driver-storage-core
  • centos-upgrade-libvirt-daemon-driver-storage-disk
  • centos-upgrade-libvirt-daemon-driver-storage-gluster
  • centos-upgrade-libvirt-daemon-driver-storage-iscsi
  • centos-upgrade-libvirt-daemon-driver-storage-logical
  • centos-upgrade-libvirt-daemon-driver-storage-mpath
  • centos-upgrade-libvirt-daemon-driver-storage-rbd
  • centos-upgrade-libvirt-daemon-driver-storage-scsi
  • centos-upgrade-libvirt-daemon-kvm
  • centos-upgrade-libvirt-daemon-lxc
  • centos-upgrade-libvirt-devel
  • centos-upgrade-libvirt-docs
  • centos-upgrade-libvirt-libs
  • centos-upgrade-libvirt-lock-sanlock
  • centos-upgrade-libvirt-login-shell
  • centos-upgrade-libvirt-nss

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;