Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The LXC driver (lxc/lxc_driver.c) in libvirt 1.0.1 through 1.2.1 allows local users to (1) delete arbitrary host devices via the virDomainDeviceDettach API and a symlink attack on /dev in the container; (2) create arbitrary nodes (mknod) via the virDomainDeviceAttach API and a symlink attack on /dev in the container; and cause a denial of service (shutdown or reboot host OS) via the (3) virDomainShutdown or (4) virDomainReboot API and a symlink attack on /dev/initctl in the container, related to "paths under /proc/$PID/root" and the virInitctlSetRunLevel function.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Red Hat libvirt LXC驱动程序后置链接漏洞
Vulnerability Description
Red Hat libvirt是美国红帽(Red Hat)公司的一个用于实现Linux虚拟化功能的Linux API,它支持各种Hypervisor,包括Xen和KVM,以及QEMU和用于其他操作系统的一些虚拟产品。 Red Hat libvirt 1.0.1至1.2.1版本的LXC驱动程序(lxc/lxc_driver.c)中存在安全漏洞。本地攻击者可利用该漏洞借助virDomainDeviceDettach API删除任意主机设备;借助virDomainDeviceAttach API创建任意节点(m
CVSS Information
N/A
Vulnerability Type
N/A