A vulnerability was found in libvirt >= 4.1.0 in the virtlockd-admin.socket and virtlogd-admin.socket systemd units. A missing SocketMode configuration parameter allows any user on the host to connect using virtlockd-admin-sock or virtlogd-admin-sock and perform administrative tasks against the virtlockd and virtlogd daemons.
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "libvirt-doc": "1.3.1-1ubuntu10.25", "libvirt0-dbgsym": "1.3.1-1ubuntu10.25", "libvirt-dev-dbgsym": "1.3.1-1ubuntu10.25", "libvirt-dev": "1.3.1-1ubuntu10.25", "libvirt-bin-dbgsym": "1.3.1-1ubuntu10.25", "libvirt0": "1.3.1-1ubuntu10.25", "libvirt0-dbg": "1.3.1-1ubuntu10.25", "libvirt-bin": "1.3.1-1ubuntu10.25" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "libvirt-daemon-driver-storage-gluster-dbgsym": "4.0.0-1ubuntu8.9", "libvirt-wireshark-dbgsym": "4.0.0-1ubuntu8.9", "libvirt-daemon-driver-storage-rbd": "4.0.0-1ubuntu8.9", "libvirt-clients-dbgsym": "4.0.0-1ubuntu8.9", "libvirt-daemon-driver-storage-sheepdog": "4.0.0-1ubuntu8.9", "libvirt-sanlock": "4.0.0-1ubuntu8.9", "libvirt-doc": "4.0.0-1ubuntu8.9", "libvirt-daemon-system-dbgsym": "4.0.0-1ubuntu8.9", "libvirt0-dbgsym": "4.0.0-1ubuntu8.9", "libvirt-dev": "4.0.0-1ubuntu8.9", "libvirt-daemon-driver-storage-rbd-dbgsym": "4.0.0-1ubuntu8.9", "libvirt-clients": "4.0.0-1ubuntu8.9", "libvirt0": "4.0.0-1ubuntu8.9", "libvirt-daemon-driver-storage-zfs": "4.0.0-1ubuntu8.9", "libvirt-daemon-system": "4.0.0-1ubuntu8.9", "libvirt-sanlock-dbgsym": "4.0.0-1ubuntu8.9", "libvirt-wireshark": "4.0.0-1ubuntu8.9", "libnss-libvirt-dbgsym": "4.0.0-1ubuntu8.9", "libvirt-daemon-driver-storage-zfs-dbgsym": "4.0.0-1ubuntu8.9", "libnss-libvirt": "4.0.0-1ubuntu8.9", "libvirt-daemon-driver-storage-sheepdog-dbgsym": "4.0.0-1ubuntu8.9", "libvirt-daemon-dbgsym": "4.0.0-1ubuntu8.9", "libvirt-daemon-driver-storage-gluster": "4.0.0-1ubuntu8.9", "libvirt-daemon": "4.0.0-1ubuntu8.9", "libvirt-bin": "4.0.0-1ubuntu8.9" } ] }