libvirt is vulnerable to Arbitrary Command Execution. The virConnectBaselineHypervisorCPU()
and virConnectCompareHypervisorCPU()
libvirt APIs accept an “emulator” argument to specify the program providing emulation for a domain. An attacker could specify an arbitrary path for this argument, causing libvirtd to execute a crafted executable with its own privileges.
CPE | Name | Operator | Version |
---|---|---|---|
libvirt.so | eq | 0.5000.0 |