← back
CVE-2018-6764

CVE-2018-6764

EPSS 0.3%
util/virlog.c in libvirt does not properly determine the hostname on LXC container startup, which allows local guest OS users to bypass an intended container protection mechanism and execute arbitrary commands via a crafted NSS module.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://access.redhat.com/errata/RHSA-2018:3113https://www.debian.org/security/2018/dsa-4137https://www.redhat.com/archives/libvir-list/2018-February/msg00239.htmlhttp://www.ubuntu.com/usn/USN-3576-1