{"id":"USN-4047-2","summary":"libvirt vulnerability","details":"USN-4047-1 fixed a vulnerability in libvirt. This update provides\nthe corresponding update for Ubuntu 14.04 ESM.\n\nOriginal advisory details:\n\n Matthias Gerstner and Ján Tomko discovered that libvirt incorrectly handled\n certain API calls. An attacker could possibly use this issue to check for\n arbitrary files, or execute arbitrary binaries. In the default\n installation, attackers would be isolated by the libvirt AppArmor profile.\n","modified":"2026-02-10T04:41:34Z","published":"2020-01-13T14:12:22Z","related":["UBUNTU-CVE-2019-10161"],"upstream":["CVE-2019-10161","UBUNTU-CVE-2019-10161"],"references":[{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-4047-2"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2019-10161"}],"affected":[{"package":{"name":"libvirt","ecosystem":"Ubuntu:Pro:14.04:LTS","purl":"pkg:deb/ubuntu/libvirt@1.2.2-0ubuntu13.1.28+esm1?arch=source&distro=trusty/esm"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.2.2-0ubuntu13.1.28+esm1"}]}],"versions":["1.1.1-0ubuntu8","1.1.1-0ubuntu9","1.1.4-0ubuntu2","1.1.4-0ubuntu3","1.1.4-0ubuntu4","1.1.4-0ubuntu5","1.2.0-0ubuntu1","1.2.0-0ubuntu2","1.2.0-0ubuntu3","1.2.1-0ubuntu1","1.2.1-0ubuntu2","1.2.1-0ubuntu3","1.2.1-0ubuntu4","1.2.1-0ubuntu5","1.2.1-0ubuntu7","1.2.1-0ubuntu8","1.2.1-0ubuntu9","1.2.1-0ubuntu10","1.2.2-0ubuntu1","1.2.2-0ubuntu2","1.2.2-0ubuntu3","1.2.2-0ubuntu4","1.2.2-0ubuntu5","1.2.2-0ubuntu6","1.2.2-0ubuntu7","1.2.2-0ubuntu8","1.2.2-0ubuntu9","1.2.2-0ubuntu10","1.2.2-0ubuntu11","1.2.2-0ubuntu12","1.2.2-0ubuntu13","1.2.2-0ubuntu13.1","1.2.2-0ubuntu13.1.1","1.2.2-0ubuntu13.1.2","1.2.2-0ubuntu13.1.4","1.2.2-0ubuntu13.1.5","1.2.2-0ubuntu13.1.6","1.2.2-0ubuntu13.1.7","1.2.2-0ubuntu13.1.8","1.2.2-0ubuntu13.1.9","1.2.2-0ubuntu13.1.10","1.2.2-0ubuntu13.1.12","1.2.2-0ubuntu13.1.14","1.2.2-0ubuntu13.1.16","1.2.2-0ubuntu13.1.17","1.2.2-0ubuntu13.1.20","1.2.2-0ubuntu13.1.21","1.2.2-0ubuntu13.1.22","1.2.2-0ubuntu13.1.23","1.2.2-0ubuntu13.1.25","1.2.2-0ubuntu13.1.26","1.2.2-0ubuntu13.1.27","1.2.2-0ubuntu13.1.28"],"ecosystem_specific":{"availability":"Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro","binaries":[{"binary_name":"libvirt-bin","binary_version":"1.2.2-0ubuntu13.1.28+esm1"},{"binary_name":"libvirt-dev","binary_version":"1.2.2-0ubuntu13.1.28+esm1"},{"binary_name":"libvirt0","binary_version":"1.2.2-0ubuntu13.1.28+esm1"}]},"database_specific":{"cves_map":{"ecosystem":"Ubuntu:Pro:14.04:LTS","cves":[{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"type":"CVSS_V3","score":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"},{"type":"CVSS_V3","score":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2019-10161"}]},"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-4047-2.json"}}],"schema_version":"1.7.3"}