CVE-2018-6764
published 2018-02-23CVE-2018-6764: util/virlog.c in libvirt does not properly determine the hostname on LXC container startup, which allows local guest OS users to bypass an intended container…
high7.8CVSS 3.0
AVLACLPRLUINSUCHIHAH
util/virlog.c in libvirt does not properly determine the hostname on LXC container startup, which allows local guest OS users to bypass an intended container protection mechanism and execute arbitrary commands via a crafted NSS module.
Affected
16 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| debian | debian_linux | — | — |
| debian | debian_linux | — | — |
| debian | libvirt | < libvirt 4.0.0-2 (bookworm) | libvirt 4.0.0-2 (bookworm) |
| redhat | enterprise_linux_desktop | — | — |
| redhat | enterprise_linux_server | — | — |
| redhat | enterprise_linux_workstation | — | — |
| redhat | libvirt | >= 0 < 4.0.0-2 | 4.0.0-2 |
| redhat | libvirt | >= 0 < 4.0.0-2 | 4.0.0-2 |
| redhat | libvirt | >= 0 < 4.0.0-2 | 4.0.0-2 |
| redhat | libvirt | >= 0 < 4.0.0-2 | 4.0.0-2 |
| redhat | libvirt | >= 0 < 1.2.2-0ubuntu13.1.26 | 1.2.2-0ubuntu13.1.26 |
| redhat | libvirt | >= 0 < 1.3.1-1ubuntu10.19 | 1.3.1-1ubuntu10.19 |
| redhat | virtualization | — | — |
CVSS provenance
nvdv3.07.8HIGHCVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
osv9.8CRITICAL