SB2019070322 - Improper access control in libvirt (Alpine package)
Published: July 3, 2019
Description
This security bulletin contains information about one security vulnerability.
1) Improper access control (CVE-ID: CVE-2019-10167)
The vulnerability allows a local authenticated user to execute arbitrary code.
The virConnectGetDomainCapabilities() libvirt API, versions 4.x.x before 4.10.1 and 5.x.x before 5.4.1, accepts an "emulatorbin" argument to specify the program providing emulation for a domain. Since v1.2.19, libvirt will execute that program to probe the domain's capabilities. Read-only clients could specify an arbitrary path for this argument, causing libvirtd to execute a crafted executable with its own privileges.
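The defect described above is a caller-supplied program path reaching exec without being checked against anything the daemon trusts. The following Python block is an added illustration of the two patterns side by side: the unchecked selection the bulletin describes, and a hardened variant that only accepts a path resolving to an emulator the daemon already discovered itself. It is not libvirt's code; the allowlist, the symlink table and the function names are constructed for the example.

```python
import os
from typing import Callable, FrozenSet, Optional, Tuple


class EmulatorNotAllowed(ValueError):
    """Raised when a caller-supplied emulator path is not a known emulator."""


# Constructed allowlist standing in for the emulators a hypervisor daemon
# discovered on its own (in libvirt these come from its capabilities cache;
# the paths here are assumptions, not taken from the bulletin).
KNOWN_EMULATORS: FrozenSet[str] = frozenset({
    "/usr/bin/qemu-system-x86_64",
    "/usr/bin/qemu-system-aarch64",
})

# Constructed symlink table so the example runs offline without touching
# the real filesystem; a production check would use os.path.realpath.
FAKE_SYMLINKS = {"/usr/local/bin/qemu-wrapper": "/tmp/not-an-emulator"}


def fake_realpath(path: str) -> str:
    """Collapse '..' components and follow the constructed symlink table."""
    norm = os.path.normpath(path)
    seen = set()
    while norm in FAKE_SYMLINKS and norm not in seen:
        seen.add(norm)
        norm = os.path.normpath(FAKE_SYMLINKS[norm])
    return norm


def select_emulator_unchecked(requested: Optional[str], known: FrozenSet[str]) -> str:
    """The pattern the bulletin describes: a caller-supplied path is used as-is,
    so whatever it names would be executed with the daemon's privileges."""
    return requested if requested else sorted(known)[0]


def select_emulator_checked(
    requested: Optional[str],
    known: FrozenSet[str],
    resolve: Callable[[str], str] = fake_realpath,
) -> str:
    """Hardened pattern: the caller may only pick among emulators the daemon
    already knows, compared after path normalization and symlink resolution."""
    if not requested:
        return sorted(known)[0]  # deterministic default when the caller gives none
    if not os.path.isabs(requested):
        raise EmulatorNotAllowed(f"emulator path must be absolute: {requested!r}")
    resolved = resolve(requested)
    if resolved not in known:
        raise EmulatorNotAllowed(
            f"{requested!r} resolves to {resolved!r}, which is not a known emulator"
        )
    return resolved


def probe_request(
    requested: Optional[str],
    known: FrozenSet[str] = KNOWN_EMULATORS,
    checked: bool = True,
) -> Tuple[str, str]:
    """Simulate the request handler: return ('run', path) if the daemon would
    go on to execute the path, or ('rejected', reason) if the check stops it."""
    try:
        if checked:
            path = select_emulator_checked(requested, known)
        else:
            path = select_emulator_unchecked(requested, known)
    except EmulatorNotAllowed as exc:
        return ("rejected", str(exc))
    return ("run", path)


if __name__ == "__main__":
    for candidate in [None, "/usr/bin/qemu-system-x86_64", "/tmp/not-an-emulator",
                      "/usr/bin/../bin/qemu-system-x86_64", "/usr/local/bin/qemu-wrapper"]:
        print(f"{candidate!r:45} unchecked={probe_request(candidate, checked=False)} "
              f"checked={probe_request(candidate)}")
```

The comparison happens on the resolved path rather than the string the client sent, so a `..` component or a symlink pointing outside the allowlist is rejected the same way a plainly foreign path is; the unchecked variant would hand any of them to exec.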
Remediation
Install the update from the vendor's website.
References
- https://git.alpinelinux.org/aports/commit/?id=0a50437d8b8d5a583b96d5807d95e6b549772ba3
- https://git.alpinelinux.org/aports/commit/?id=57cb6585ba678d10c85a9ff2a577a280f58922ed
- https://git.alpinelinux.org/aports/commit/?id=011b9d5c5ae0af504ab1bb28a042d56676636a00
- https://git.alpinelinux.org/aports/commit/?id=8cad441d0bb3d51026cb0231485848ce9a821e6a
- https://git.alpinelinux.org/aports/commit/?id=911332961e1fa7187cf3869595066bb18d226e27
- https://git.alpinelinux.org/aports/commit/?id=2d0114c907c5b85d78a75d70bd60c5544ed8eedb
- https://git.alpinelinux.org/aports/commit/?id=d8c86688b6afbadd18a78b88a430ed4cabe78e7c