Anfälligkeitssuche        Suche in 219043 CVE Beschreibungen
und 99761 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.883070
Kategorie:CentOS Local Security Checks
Titel:CentOS Update for libvirt CESA-2019:1579 centos7
Zusammenfassung:The remote host is missing an update for the 'libvirt'; package(s) announced via the CESA-2019:1579 advisory.
Beschreibung:Summary:
The remote host is missing an update for the 'libvirt'
package(s) announced via the CESA-2019:1579 advisory.

Vulnerability Insight:
The libvirt library contains a C API for managing and interacting with the
virtualization capabilities of Linux and other operating systems. In
addition, libvirt provides tools for remote management of virtualized
systems.

Security Fix(es):

* libvirt: arbitrary file read/exec via virDomainSaveImageGetXMLDesc API
(CVE-2019-10161)

* libvirt: virDomainManagedSaveDefineXML API exposed to readonly clients
(CVE-2019-10166)

* libvirt: arbitrary command execution via virConnectGetDomainCapabilities
API (CVE-2019-10167)

* libvirt: arbitrary command execution via virConnectBaselineHypervisorCPU
and virConnectCompareHypervisorCPU APIs (CVE-2019-10168)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

Bug Fix(es):

* Live migration fail with unsafe error when GPFS is used as shared
filesystem (BZ#1715867)

Affected Software/OS:
'libvirt' package(s) on CentOS 7.

Solution:
Please install the updated package(s).

CVSS Score:
7.2

CVSS Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2019-10161
Common Vulnerability Exposure (CVE) ID: CVE-2019-10166
Common Vulnerability Exposure (CVE) ID: CVE-2019-10167
Common Vulnerability Exposure (CVE) ID: CVE-2019-10168
CopyrightCopyright (C) 2019 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2024 E-Soft Inc. Alle Rechte vorbehalten.