Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
libvirt before 2.2 includes Ceph credentials on the qemu command line when using RADOS Block Device (aka RBD), which allows local users to obtain sensitive information via a process listing.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Red Hat libvirt 信息泄露漏洞
Vulnerability Description
Red Hat libvirt是美国红帽(Red Hat)公司的一个用于实现Linux虚拟化功能的Linux API,它支持各种Hypervisor,包括Xen和KVM,以及QEMU和用于其他操作系统的一些虚拟产品。 Red Hat libvirt 2.2之前的版本中存在信息泄露漏洞,该漏洞源于在使用RADOS Block Device时,qemu命令行中出现了Ceph凭证。本地攻击者可借助进程列表利用该漏洞获取敏感信息。
CVSS Information
N/A
Vulnerability Type
N/A