CVE-2019-3886

Summary

An incorrect permissions check was discovered in libvirt 4.8.0 and above. The readonly permission was allowed to invoke APIs depending on the guest agent, which could lead to potentially disclosing unintended information or denial of service by causing libvirt to block.

Affected Software

VendorProductVersion RangeStatus
The libvirt Projectlibvirt4.8.0 and aboveaffected

Weaknesses

  • CWE-862: CWE-862

ADP Enrichment

CVE Program Container

Additional References

References