util/virlog.c in libvirt does not properly determine the hostname on LXC container startup, which allows local guest OS users to bypass an intended container protection mechanism and execute arbitrary commands via a crafted NSS module.
The product does not properly verify that the source of data or communication is valid.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Libvirt | Redhat | - (including) | - (including) |