The virSecurityManagerSetProcessLabel function in libvirt 0.10.2.7, 1.0.5.5, and 1.1.1, when the domain has read an uid:gid label, does not properly set group memberships, which allows local users to gain privileges.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Libvirt | Redhat | 0.10.2.7 | 0.10.2.7 |
Libvirt | Redhat | 1.1.1 | 1.1.1 |
Libvirt | Redhat | 1.0.5.5 | 1.0.5.5 |