CVE 2018-6764
util/virlog.c in libvirt does not properly determine the hostname on LXC container startup, which allows local guest OS users to bypass an intended container protection mechanism and execute arbitrary commands via a crafted NSS module.
Related bugs and status
CVE-2018-6764 (Candidate) is related to these bugs:
Bug #1365261: Apparmor denies qemu access to /tmp directory
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1365261 | Apparmor denies qemu access to /tmp directory | libvirt (Ubuntu) | Low | Fix Released | ||
Bug #1754871: qemu-bridge-helper fails due to apparmor blocks
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1754871 | qemu-bridge-helper fails due to apparmor blocks | libvirt (Ubuntu) | Low | Fix Released | ||
Bug #1779674: AppArmor does not permit access to rbd admin socket hardcoded in OpenStack charms
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1779674 | AppArmor does not permit access to rbd admin socket hardcoded in OpenStack charms | libvirt (Ubuntu) | Medium | Fix Released | ||
Bug #1784023: Update profiles for usrmerge
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1784023 | Update profiles for usrmerge | apparmor (Ubuntu) | Undecided | Fix Released | ||
| 1784023 | Update profiles for usrmerge | man-db (Ubuntu) | Undecided | Fix Released | ||
| 1784023 | Update profiles for usrmerge | libvirt (Ubuntu) | Medium | Fix Released | ||
| 1784023 | Update profiles for usrmerge | lightdm (Ubuntu) | Undecided | Fix Released | ||
| 1784023 | Update profiles for usrmerge | firefox (Ubuntu) | Undecided | In Progress | ||
| 1784023 | Update profiles for usrmerge | isc-dhcp (Ubuntu) | Undecided | Fix Released | ||
| 1784023 | Update profiles for usrmerge | telepathy-mission-control-5 (Ubuntu) | Undecided | Fix Released | ||
| 1784023 | Update profiles for usrmerge | strongswan (Ubuntu) | Undecided | Fix Released | ||
| 1784023 | Update profiles for usrmerge | dhcpcanon (Ubuntu) | Undecided | New | ||
| 1784023 | Update profiles for usrmerge | fwknop (Ubuntu) | Undecided | Fix Released | ||
| 1784023 | Update profiles for usrmerge | i2p (Ubuntu) | Undecided | New | ||
| 1784023 | Update profiles for usrmerge | kopanocore (Ubuntu) | Undecided | New | ||
| 1784023 | Update profiles for usrmerge | lightdm-remote-session-freerdp2 (Ubuntu) | Undecided | Fix Released | ||
| 1784023 | Update profiles for usrmerge | lightdm-remote-session-x2go (Ubuntu) | Undecided | Fix Released | ||
| 1784023 | Update profiles for usrmerge | surf (Ubuntu) | Undecided | Fix Released | ||
| 1784023 | Update profiles for usrmerge | ejabberd (Ubuntu) | Undecided | New | ||
| 1784023 | Update profiles for usrmerge | apparmor-profiles-extra (Ubuntu) | Undecided | New | ||
| 1784023 | Update profiles for usrmerge | strongswan (Debian) | Unknown | Fix Released | ||
Bug #1786019: Local apparmor include to tweak libvirt-qemu
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1786019 | Local apparmor include to tweak libvirt-qemu | libvirt (Ubuntu) | Undecided | Fix Released | ||
Bug #1786168: qemu mount namespaces conflict with libvirt 4.6
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1786168 | qemu mount namespaces conflict with libvirt 4.6 | libvirt (Ubuntu) | Medium | Fix Released | ||
Bug #1786179: double virtlogd sockets with services running can trigger issues on upgrade
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1786179 | double virtlogd sockets with services running can trigger issues on upgrade | libvirt (Ubuntu) | Undecided | Fix Released | ||
| 1786179 | double virtlogd sockets with services running can trigger issues on upgrade | libvirt (Debian) | Unknown | Fix Released | ||
See the 
CVE page on Mitre.org
for more details.
