Candidate: CVE-2016-10746
PublicDate: 2019-04-18 16:29:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10746
Description:
 libvirt-domain.c in libvirt before 1.3.1 supports virDomainGetTime API
 calls by guest agents with an RO connection, even though an RW connection
 was supposed to be required, a different vulnerability than CVE-2019-3886.
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N [7.5 HIGH]


Patches_libvirt:
 upstream: https://github.com/libvirt/libvirt/commit/506e9d6c2d4baaf580d489fff0690c0ff2ff588f
upstream_libvirt: released (1.3.1-1)
precise/esm_libvirt: ignored (end of ESM support, was needs-triage)
trusty_libvirt: ignored (reached end-of-life)
trusty/esm_libvirt: needs-triage
xenial_libvirt: not-affected (1.3.1-1ubuntu10.25)
esm-infra/xenial_libvirt: not-affected (1.3.1-1ubuntu10.25)
bionic_libvirt: not-affected (4.0.0-1ubuntu8.8)
cosmic_libvirt: not-affected
disco_libvirt: not-affected
eoan_libvirt: not-affected
focal_libvirt: not-affected
groovy_libvirt: not-affected
hirsute_libvirt: not-affected
impish_libvirt: not-affected
jammy_libvirt: not-affected
devel_libvirt: not-affected