Launchpad.net

CVE 2019-10132

A vulnerability was found in libvirt >= 4.1.0 in the virtlockd-admin.socket and virtlogd-admin.socket systemd units. A missing SocketMode configuration parameter allows any user on the host to connect using virtlockd-admin-sock or virtlogd-admin-sock and perform administrative tasks against the virtlockd and virtlogd daemons.

Related bugs and status

CVE-2019-10132 (Candidate) is related to these bugs:

Bug #1655111: LibVirt Apparmor profile has qemu-bridge-helper listed in the wrong directory

Summary				In	Importance	Status
	1655111	LibVirt Apparmor profile has qemu-bridge-helper listed in the wrong directory		libvirt (Ubuntu)	Medium	Fix Released
	1655111	LibVirt Apparmor profile has qemu-bridge-helper listed in the wrong directory		libvirt (Ubuntu Eoan)	Medium	Fix Released

Bug #1834113: QEMU touchpad input erratic after wakeup from sleep

		In	Importance	Status
1834113	QEMU touchpad input erratic after wakeup from sleep	qemu (Ubuntu)	Low	Expired
1834113	QEMU touchpad input erratic after wakeup from sleep	QEMU	Undecided	Expired
1834113	QEMU touchpad input erratic after wakeup from sleep	libvirt (Ubuntu)	Low	Expired

Bug #1845506: Libvirt snapshot doesn't update apparmor profile

		In	Importance	Status
1845506	Libvirt snapshot doesn't update apparmor profile	libvirt (Ubuntu)	Medium	Fix Released
1845506	Libvirt snapshot doesn't update apparmor profile	libvirt	Undecided	Confirmed
1845506	Libvirt snapshot doesn't update apparmor profile	libvirt (Ubuntu Bionic)	Undecided	Won't Fix

Bug #1848229: [Power9][WSP][DD2.3] cap-ibs=workaround defaults to "full software flush sequence" though "hardware assisted flush" is available

		In	Importance	Status
1848229	[Power9][WSP][DD2.3] cap-ibs=workaround defaults to "full software flush sequence" though "hardware assisted flush" is available	libvirt (Ubuntu)	Undecided	Fix Released
1848229	[Power9][WSP][DD2.3] cap-ibs=workaround defaults to "full software flush sequence" though "hardware assisted flush" is available	The Ubuntu-power-systems project	Medium	Fix Released
1848229	[Power9][WSP][DD2.3] cap-ibs=workaround defaults to "full software flush sequence" though "hardware assisted flush" is available	libvirt (Ubuntu Bionic)	Undecided	Won't Fix
1848229	[Power9][WSP][DD2.3] cap-ibs=workaround defaults to "full software flush sequence" though "hardware assisted flush" is available	libvirt (Ubuntu Eoan)	Undecided	Won't Fix
1848229	[Power9][WSP][DD2.3] cap-ibs=workaround defaults to "full software flush sequence" though "hardware assisted flush" is available	libvirt (Ubuntu Focal)	Undecided	Fix Released
1848229	[Power9][WSP][DD2.3] cap-ibs=workaround defaults to "full software flush sequence" though "hardware assisted flush" is available	libvirt (Ubuntu Disco)	Undecided	Won't Fix

Bug #1854653: during shutdown libvirt-guests.sh shouldn't run if libvirtd isn't running

Summary				In	Importance	Status
	1854653	during shutdown libvirt-guests.sh shouldn't run if libvirtd isn't running		libvirt (Ubuntu)	Low	Fix Released

Bug #1858341: rbd driver does not list all volumes in pool

Summary				In	Importance	Status
	1858341	rbd driver does not list all volumes in pool		libvirt (Ubuntu)	High	Fix Released
	1858341	rbd driver does not list all volumes in pool		libvirt (Ubuntu Eoan)	Low	Won't Fix

Bug #1859253: rbd driver fails to create a new volume

Summary				In	Importance	Status
	1859253	rbd driver fails to create a new volume		libvirt (Ubuntu)	High	Fix Released
	1859253	rbd driver fails to create a new volume		libvirt (Ubuntu Eoan)	Low	Won't Fix

Bug #1859506: swtpm fails in focal with apparmor

Summary				In	Importance	Status
	1859506	swtpm fails in focal with apparmor		qemu (Ubuntu)	Undecided	Invalid
	1859506	swtpm fails in focal with apparmor		libvirt (Ubuntu)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2019-10132

Related bugs and status

Related bugs

References