CVE-2020-14339
DEB
High

CVSS: 8.8 (High)
EPSS: 0.00 (p41)
Published: 2020-01-01
Updated: 2020-01-01
Description

A flaw was found in libvirt, where it leaked a file descriptor for `/dev/mapper/control` into the QEMU process. This file descriptor allows for privileged operations to happen against the device-mapper on the host. This flaw allows a malicious guest user or process to perform operations outside of their standard permissions, potentially causing serious damage to the host operating system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.

Tags · CWE
CWE-772
CAPEC-469
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Timeline
2020-01-01: Published
2020-01-01: Updated
CVSS 3.1 breakdown
Attack Vector (AV): Local (L)
Attack Complexity (AC): Low (L)
Privileges Required (PR): Low (L)
User Interaction (UI): None (N)
Scope (S): Changed (C)
Confidentiality Impact (C): High (H)
Integrity Impact (I): High (H)
Availability Impact (A): High (H)
Exploit indicators
EPSS: 0.002 · p41
Known exploited (KEV): No
MITRE ATT&CK: Inferred via CAPEC (via CAPEC-469 · CWE-772)
Known exploits — Сканер-ВС
No Сканер-ВС checks registered for this vulnerability yet.
Affected software
| Product | Vendor | Status |
| --- | --- | --- |
| libvirt | | Tracked |
| libvirt | | Tracked |
| libvirt | | Tracked |
| libvirt | | Tracked |
| libvirt | | Tracked |
| libvirt | | Tracked |
| libvirt | | Tracked |
| libvirt | | Tracked |
| libvirt-admin | | Tracked |
| libvirt-client | | Tracked |
| libvirt-daemon | | Tracked |
| libvirt-daemon-config-network | | Tracked |
| libvirt-daemon-config-nwfilter | | Tracked |
| libvirt-daemon-driver-interface | | Tracked |
| libvirt-daemon-driver-lxc | | Tracked |
| libvirt-daemon-driver-network | | Tracked |
| libvirt-daemon-driver-nodedev | | Tracked |
| libvirt-daemon-driver-nwfilter | | Tracked |
| libvirt-daemon-driver-qemu | | Tracked |
| libvirt-daemon-driver-secret | | Tracked |
Source databases
DEB
CVE
RED
UBU