CVE-2019-10161

Name: CVE-2019-10161
Creator: NVD / NIST
Published: 2019-07-30T23:15:12.12+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

HIGHCVSS 7.8/10EPSS 0.52%

Last modified Jun 17, 2026

CVE-2019-10161 is a high-severity vulnerability rated 7.8/10 on the CVSS scale. It was discovered that libvirtd before versions 4.10.1 and 5.4.1 would permit read-only clients to use the virDomainSaveImageGetXMLDesc() API, specifying an arbitrary path which would be accessed with the permissions of the libvirtd process. An attacker with access to the libvirtd socket could use this to probe the existence of arbitrary files, cause denial of service or cause libvirtd to execute arbitrary programs.. EPSS estimates a 0.52% chance of exploitation in the next 30 days.

Description

It was discovered that libvirtd before versions 4.10.1 and 5.4.1 would permit read-only clients to use the virDomainSaveImageGetXMLDesc() API, specifying an arbitrary path which would be accessed with the permissions of the libvirtd process. An attacker with access to the libvirtd socket could use this to probe the existence of arbitrary files, cause denial of service or cause libvirtd to execute arbitrary programs.

Metrics

CVSS 3.1

7.8/10

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS Probability

0.52%

39.9th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

Vendor	Product	Versions
Redhat	Libvirt	< 4.10.1
Redhat	Libvirt	>= 5.0.0, < 5.4.1
Redhat	Enterprise Linux	6.0
Redhat	Enterprise Linux	7.0
Redhat	Enterprise Linux	8.0
Redhat	Virtualization	4.0
Redhat	Virtualization Host	4.0
Canonical	Ubuntu Linux	14.04

References

https://access.redhat.com/libvirt-privesc-vulnerabilitiesThird Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10161Issue Tracking, Patch, Third Party Advisory
https://libvirt.org/git/?p=libvirt.git%3Ba=commit%3Bh=aed6a032cead4386472afb24b16196579e239580
https://security.gentoo.org/glsa/202003-18Third Party Advisory
https://usn.ubuntu.com/4047-2/Third Party Advisory
https://access.redhat.com/libvirt-privesc-vulnerabilitiesThird Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10161Issue Tracking, Patch, Third Party Advisory
https://libvirt.org/git/?p=libvirt.git%3Ba=commit%3Bh=aed6a032cead4386472afb24b16196579e239580
https://security.gentoo.org/glsa/202003-18Third Party Advisory
https://usn.ubuntu.com/4047-2/Third Party Advisory

Timeline

Published: Jul 30, 2019
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2019-10161?

How severe is CVE-2019-10161?

CVE-2019-10161 has a CVSS score of 7.8/10 (HIGH severity). The EPSS model estimates a 0.52% probability of exploitation in the next 30 days.

How do I fix CVE-2019-10161?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2019-10161?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST