The vulnerability of the virtlockd-admin.socket and virtlogd-admin.socket modules of the Libvirt management library allows attackers to increase their privileges.

The vulnerability of the virtlockd-admin.socket and virtlogd-admin.socket modules of the Libvirt management library is related to the absence of the SocketMode parameter. Exploiting this vulnerability can allow a remote attacker to increase their privileges...

Authorization Bypass

libvirt.so is vulnerable to authorization bypass. A missing SocketMode configuration parameter allows a local user to connect using virtlockd-admin-sock or virtlogd-admin-sock and perform administrative tasks against the virtlockd and virtlogd daemons...

libvirt: wrong permissions in systemd admin-sock due to missing SocketMode parameter

A flaw was found in libvirt in version 4.1.0 and earlier. A missing SocketMode configuration parameter allows any user on the host to connect using virtlockd-admin-sock or virtlogd-admin-sock and perform administrative tasks against the virtlockd and virtlogd daemons. The highest threat from this...

DEBIAN-CVE-2019-10132

A vulnerability was found in libvirt = 4.1.0 in the virtlockd-admin.socket and virtlogd-admin.socket systemd units. A missing SocketMode configuration parameter allows any user on the host to connect using virtlockd-admin-sock or virtlogd-admin-sock and perform administrative tasks against the...