vulnerability

SUSE: CVE-2020-15708: SUSE Linux Security Advisory

Try Surface Command
Back to search
Severity
5
CVSS
(AV:L/AC:L/Au:N/C:P/I:P/A:P)
Published
Aug 4, 2020
Added
Oct 21, 2020
Modified
Feb 4, 2022

Description

Ubuntu's packaging of libvirt in 20.04 LTS created a control socket with world read and write permissions. An attacker could use this to overwrite arbitrary files or execute arbitrary code.

Solution(s)

suse-upgrade-libvirtsuse-upgrade-libvirt-adminsuse-upgrade-libvirt-bash-completionsuse-upgrade-libvirt-clientsuse-upgrade-libvirt-daemonsuse-upgrade-libvirt-daemon-config-networksuse-upgrade-libvirt-daemon-config-nwfiltersuse-upgrade-libvirt-daemon-driver-interfacesuse-upgrade-libvirt-daemon-driver-libxlsuse-upgrade-libvirt-daemon-driver-lxcsuse-upgrade-libvirt-daemon-driver-networksuse-upgrade-libvirt-daemon-driver-nodedevsuse-upgrade-libvirt-daemon-driver-nwfiltersuse-upgrade-libvirt-daemon-driver-qemususe-upgrade-libvirt-daemon-driver-secretsuse-upgrade-libvirt-daemon-driver-storagesuse-upgrade-libvirt-daemon-driver-storage-coresuse-upgrade-libvirt-daemon-driver-storage-disksuse-upgrade-libvirt-daemon-driver-storage-glustersuse-upgrade-libvirt-daemon-driver-storage-iscsisuse-upgrade-libvirt-daemon-driver-storage-iscsi-directsuse-upgrade-libvirt-daemon-driver-storage-logicalsuse-upgrade-libvirt-daemon-driver-storage-mpathsuse-upgrade-libvirt-daemon-driver-storage-rbdsuse-upgrade-libvirt-daemon-driver-storage-scsisuse-upgrade-libvirt-daemon-hookssuse-upgrade-libvirt-daemon-lxcsuse-upgrade-libvirt-daemon-qemususe-upgrade-libvirt-daemon-xensuse-upgrade-libvirt-develsuse-upgrade-libvirt-devel-32bitsuse-upgrade-libvirt-docsuse-upgrade-libvirt-libssuse-upgrade-libvirt-lock-sanlocksuse-upgrade-libvirt-nsssuse-upgrade-wireshark-plugin-libvirt

References

Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today