Vulnerability CVE-2019-10132


Published: 2019-05-22

Description:
A vulnerability was found in libvirt >= 4.1.0 in the virtlockd-admin.socket and virtlogd-admin.socket systemd units. A missing SocketMode configuration parameter allows any user on the host to connect using virtlockd-admin-sock or virtlogd-admin-sock and perform administrative tasks against the virtlockd and virtlogd daemons.

Type:

CWE-264

(Permissions, Privileges, and Access Controls)

Vendor: Redhat
Product: Libvirt 
Version: 4.1.0;
Vendor: Fedoraproject
Product: Fedora 

CVSS2 => (AV:N/AC:L/Au:S/C:P/I:P/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
6.5/10
6.4/10
8/10
Exploit range
Attack complexity
Authentication
Remote
Low
Single time
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Partial

 References:
https://access.redhat.com/errata/RHSA-2019:1264
https://access.redhat.com/errata/RHSA-2019:1268
https://access.redhat.com/errata/RHSA-2019:1455
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10132
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RANC4LWZQRVJGJHVWCU6R4CCXQMDD4L/
https://security.libvirt.org/2019/0003.html

Related CVE
CVE-2019-10155
The Libreswan Project has found a vulnerability in the processing of IKEv1 informational exchange packets which are encrypted and integrity protected using the established IKE SA encryption and integrity keys, but as a receiver, the integrity check v...
CVE-2019-0220
A vulnerability was found in Apache HTTP Server 2.4.0 to 2.4.38. When the path component of a request URL contains multiple consecutive slashes ('/'), directives such as LocationMatch and RewriteRule must account for duplicates in regular expressions...
CVE-2019-11091
Microarchitectural Data Sampling Uncacheable Memory (MDSUM): Uncacheable memory on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access....
CVE-2018-12130
Microarchitectural Fill Buffer Data Sampling (MFBDS): Fill buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of im...
CVE-2018-12127
Microarchitectural Load Port Data Sampling (MLPDS): Load ports on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impact...
CVE-2018-12126
Microarchitectural Store Buffer Data Sampling (MSBDS): Store buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of ...
CVE-2019-10143
It was discovered freeradius up to and including version 3.0.19 does not correctly configure logrotate, allowing a local attacker who already has control of the radiusd user to escalate his privileges to root, by tricking logrotate into writing a rad...
CVE-2019-8936
NTP through 4.2.8p12 has a NULL Pointer Dereference.

Copyright 2019, cxsecurity.com

 

Back to Top