vulnerability

Red Hat: CVE-2018-6764: Moderate: libvirt security, bug fix, and enhancement update (RHSA-2018:3113)

Try Surface Command
Back to search
Severity
5
CVSS
(AV:L/AC:L/Au:N/C:P/I:P/A:P)
Published
Feb 23, 2018
Added
Oct 31, 2018
Modified
Mar 3, 2021

Description

util/virlog.c in libvirt does not properly determine the hostname on LXC container startup, which allows local guest OS users to bypass an intended container protection mechanism and execute arbitrary commands via a crafted NSS module.

Solution(s)

redhat-upgrade-libvirtredhat-upgrade-libvirt-adminredhat-upgrade-libvirt-bash-completionredhat-upgrade-libvirt-clientredhat-upgrade-libvirt-daemonredhat-upgrade-libvirt-daemon-config-networkredhat-upgrade-libvirt-daemon-config-nwfilterredhat-upgrade-libvirt-daemon-driver-interfaceredhat-upgrade-libvirt-daemon-driver-lxcredhat-upgrade-libvirt-daemon-driver-networkredhat-upgrade-libvirt-daemon-driver-nodedevredhat-upgrade-libvirt-daemon-driver-nwfilterredhat-upgrade-libvirt-daemon-driver-qemuredhat-upgrade-libvirt-daemon-driver-secretredhat-upgrade-libvirt-daemon-driver-storageredhat-upgrade-libvirt-daemon-driver-storage-coreredhat-upgrade-libvirt-daemon-driver-storage-diskredhat-upgrade-libvirt-daemon-driver-storage-glusterredhat-upgrade-libvirt-daemon-driver-storage-iscsiredhat-upgrade-libvirt-daemon-driver-storage-logicalredhat-upgrade-libvirt-daemon-driver-storage-mpathredhat-upgrade-libvirt-daemon-driver-storage-rbdredhat-upgrade-libvirt-daemon-driver-storage-scsiredhat-upgrade-libvirt-daemon-kvmredhat-upgrade-libvirt-daemon-lxcredhat-upgrade-libvirt-debuginforedhat-upgrade-libvirt-develredhat-upgrade-libvirt-docsredhat-upgrade-libvirt-libsredhat-upgrade-libvirt-lock-sanlockredhat-upgrade-libvirt-login-shellredhat-upgrade-libvirt-nss

References

Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today