A vulnerability was found in libvirt >= 4.1.0 in the...
High severity
Unreviewed
Published
May 24, 2022
to the GitHub Advisory Database
•
Updated Feb 13, 2023
Description
Published by the National Vulnerability Database
May 22, 2019
Published to the GitHub Advisory Database
May 24, 2022
Last updated
Feb 13, 2023
A vulnerability was found in libvirt >= 4.1.0 in the virtlockd-admin.socket and virtlogd-admin.socket systemd units. A missing SocketMode configuration parameter allows any user on the host to connect using virtlockd-admin-sock or virtlogd-admin-sock and perform administrative tasks against the virtlockd and virtlogd daemons.
References