msrc_cve-2020-10701
Vulnerability from csaf_microsoft
Published
2021-05-02 00:00
Modified
2021-12-16 00:00
Summary
A missing authorization flaw was found in the libvirt API responsible for changing the QEMU agent response timeout. This flaw allows read-only connections to adjust the time that libvirt waits for the QEMU guest agent to respond to agent commands. Depending on the timeout value that is set this flaw can make guest agent commands fail because the agent cannot respond in time. Unprivileged users with a read-only connection could abuse this flaw to set the response timeout for all guest agent messages to zero potentially leading to a denial of service. This flaw affects libvirt versions before 6.2.0.
Notes
Additional Resources
To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle
Disclaimer
The information provided in the Microsoft Knowledge Base is provided \"as is\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.
{
"document": {
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Public",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "The information provided in the Microsoft Knowledge Base is provided \\\"as is\\\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.",
"title": "Disclaimer"
}
],
"publisher": {
"category": "vendor",
"contact_details": "secure@microsoft.com",
"name": "Microsoft Security Response Center",
"namespace": "https://msrc.microsoft.com"
},
"references": [
{
"category": "self",
"summary": "CVE-2020-10701 A missing authorization flaw was found in the libvirt API responsible for changing the QEMU agent response timeout. This flaw allows read-only connections to adjust the time that libvirt waits for the QEMU guest agent to respond to agent commands. Depending on the timeout value that is set this flaw can make guest agent commands fail because the agent cannot respond in time. Unprivileged users with a read-only connection could abuse this flaw to set the response timeout for all guest agent messages to zero potentially leading to a denial of service. This flaw affects libvirt versions before 6.2.0. - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2021/msrc_cve-2020-10701.json"
},
{
"category": "external",
"summary": "Microsoft Support Lifecycle",
"url": "https://support.microsoft.com/lifecycle"
},
{
"category": "external",
"summary": "Common Vulnerability Scoring System",
"url": "https://www.first.org/cvss"
}
],
"title": "A missing authorization flaw was found in the libvirt API responsible for changing the QEMU agent response timeout. This flaw allows read-only connections to adjust the time that libvirt waits for the QEMU guest agent to respond to agent commands. Depending on the timeout value that is set this flaw can make guest agent commands fail because the agent cannot respond in time. Unprivileged users with a read-only connection could abuse this flaw to set the response timeout for all guest agent messages to zero potentially leading to a denial of service. This flaw affects libvirt versions before 6.2.0.",
"tracking": {
"current_release_date": "2021-12-16T00:00:00.000Z",
"generator": {
"date": "2025-10-19T21:59:28.375Z",
"engine": {
"name": "MSRC Generator",
"version": "1.0"
}
},
"id": "msrc_CVE-2020-10701",
"initial_release_date": "2021-05-02T00:00:00.000Z",
"revision_history": [
{
"date": "2021-06-08T00:00:00.000Z",
"legacy_version": "1",
"number": "1",
"summary": "Information published."
},
{
"date": "2021-12-16T00:00:00.000Z",
"legacy_version": "1.1",
"number": "2",
"summary": "Added libvirt to CBL-Mariner 2.0"
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "1.0",
"product": {
"name": "CBL Mariner 1.0",
"product_id": "16820"
}
},
{
"category": "product_version",
"name": "2.0",
"product": {
"name": "CBL Mariner 2.0",
"product_id": "17086"
}
}
],
"category": "product_name",
"name": "Azure Linux"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003ccm1 libvirt 6.1.0-3",
"product": {
"name": "\u003ccm1 libvirt 6.1.0-3",
"product_id": "2"
}
},
{
"category": "product_version",
"name": "cm1 libvirt 6.1.0-3",
"product": {
"name": "cm1 libvirt 6.1.0-3",
"product_id": "19119"
}
},
{
"category": "product_version_range",
"name": "\u003ccbl2 libvirt 7.10.0-1",
"product": {
"name": "\u003ccbl2 libvirt 7.10.0-1",
"product_id": "1"
}
},
{
"category": "product_version",
"name": "cbl2 libvirt 7.10.0-1",
"product": {
"name": "cbl2 libvirt 7.10.0-1",
"product_id": "19120"
}
}
],
"category": "product_name",
"name": "libvirt"
}
],
"category": "vendor",
"name": "Microsoft"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003ccm1 libvirt 6.1.0-3 as a component of CBL Mariner 1.0",
"product_id": "16820-2"
},
"product_reference": "2",
"relates_to_product_reference": "16820"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cm1 libvirt 6.1.0-3 as a component of CBL Mariner 1.0",
"product_id": "19119-16820"
},
"product_reference": "19119",
"relates_to_product_reference": "16820"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003ccbl2 libvirt 7.10.0-1 as a component of CBL Mariner 2.0",
"product_id": "17086-1"
},
"product_reference": "1",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 libvirt 7.10.0-1 as a component of CBL Mariner 2.0",
"product_id": "19120-17086"
},
"product_reference": "19120",
"relates_to_product_reference": "17086"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-10701",
"cwe": {
"id": "CWE-862",
"name": "Missing Authorization"
},
"notes": [
{
"category": "general",
"text": "redhat",
"title": "Assigning CNA"
}
],
"product_status": {
"fixed": [
"19119-16820",
"19120-17086"
],
"known_affected": [
"16820-2",
"17086-1"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2020-10701 A missing authorization flaw was found in the libvirt API responsible for changing the QEMU agent response timeout. This flaw allows read-only connections to adjust the time that libvirt waits for the QEMU guest agent to respond to agent commands. Depending on the timeout value that is set this flaw can make guest agent commands fail because the agent cannot respond in time. Unprivileged users with a read-only connection could abuse this flaw to set the response timeout for all guest agent messages to zero potentially leading to a denial of service. This flaw affects libvirt versions before 6.2.0. - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2021/msrc_cve-2020-10701.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"date": "2021-06-08T00:00:00.000Z",
"details": "6.1.0-3:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"16820-2"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
},
{
"category": "vendor_fix",
"date": "2021-06-08T00:00:00.000Z",
"details": "7.10.0-1:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"17086-1"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalsScore": 0.0,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"temporalScore": 6.5,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"16820-2",
"17086-1"
]
}
],
"title": "A missing authorization flaw was found in the libvirt API responsible for changing the QEMU agent response timeout. This flaw allows read-only connections to adjust the time that libvirt waits for the QEMU guest agent to respond to agent commands. Depending on the timeout value that is set this flaw can make guest agent commands fail because the agent cannot respond in time. Unprivileged users with a read-only connection could abuse this flaw to set the response timeout for all guest agent messages to zero potentially leading to a denial of service. This flaw affects libvirt versions before 6.2.0."
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…