Vulnerability in Libvirt

Libvirt is a virtualisation library used primarily in Linux systems. A vulnerability has been found in its ACL (access control list) implementation.

A local attacker may access files outside virtualised containers using the Libvirt management tools. The vulnerability only affects systems using container ACL:s.

Vulnerability coordination

The vulnerability was discovered by Ossi Herrala and Joonas Kuorilehto of the Codenomicon CROSS project. NCSC-FI would like to thank Codenomicon and the Libvirt project for participating in the vulnerability coordination.

  • Servers and server applications
  • Workstations and end-user applications
  • Network devices
  • Mobile communications systems
  • Embedded systems
  • Others


  • Servers and server applications
Further information +

Attack vector

  • Locally
Further information on the access vector +


  • Editing of information
  • Obtaining of confidential information
  • Security bypass
Further information on the impact +


  • Software update patch
Further information on the remediation +

Vulnerable software:

  • Libvirt
See the Libvirt advisory for version information.

Possible solutions and restrictive measures:

Update the affected software using the automatic updates of your OS provider.

Further information:

Contact Information

NCSC-FI Vulnerability Coorination can be contacted as follows:


Please quote the advisory reference [FICORA #876194] in the subject line.

+385 295 390 230
Monday - Friday 08:00 – 16:15 (EET: UTC+2)

Vulnerability Coordination
P.O. Box 313
FI-00181 Helsinki

NCSC-FI encourages those who wish to communicate via email to make use of our PGP key. The PGP key as well as the vulnerability coordination principles of NCSC-FI are available at:

Update history

Key words: Information security , CERT , Vulnerability coordination

LinkedIn Print


The Finnish Communications Regulatory Authority (FICORA)

The National Cyber Security Centre Finland (NCSC-FI)

Itämerenkatu 3 A

P.O. Box 313


Media contacts by telephone +358 295 390 248