Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The virSecurityManagerSetProcessLabel function in libvirt 0.10.2.7, 1.0.5.5, and 1.1.1, when the domain has read an uid:gid label, does not properly set group memberships, which allows local users to gain privileges.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Red Hat libvirt ‘virSecurityManagerSetProcessLabel’函数提权漏洞
Vulnerability Description
Red Hat libvirt是美国红帽(Red Hat)公司的一个用于实现Linux虚拟化功能的Linux API,它支持各种Hypervisor,包括Xen和KVM,以及QEMU和用于其他操作系统的一些虚拟产品。 libvirt 0.10.2.7,1.0.5.5,以及1.1.1版本中的‘virSecurityManagerSetProcessLabel’函数中存在提权漏洞,在域已读取了uid:gid标签的情况下,程序没有正确地设置组成员关系。本地攻击者可利用该漏洞进行提权。
CVSS Information
N/A
Vulnerability Type
N/A