cvedb.io
CVE-2016-9638
HIGH · CVSS 7.8
EPSS exploitation probability: 0%
Published 2016-12-02T17:59:00.167 · Last modified 2026-06-17T00:56:22.153

Summary

In BMC Patrol before 9.13.10.02, the binary "listguests64" is installed with the setuid bit set. When executed, it looks up a binary named "virsh" through the PATH environment variable and then runs "virsh" with root privileges. This allows local users to elevate their privileges to root.
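The defensive pattern for a privileged helper that has to launch an external tool, as an added example (not BMC's code, and not taken from the vendor fix, which this page does not describe): accept only an absolute path and pass a fixed environment to execve(). The function names, the contents of SAFE_ENV and the /usr/bin/virsh location are assumptions made for illustration.

```c
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L
#endif
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Fixed environment handed to the child; nothing from the caller survives. */
static char *const SAFE_ENV[] = { "PATH=/usr/bin:/bin", "LANG=C", NULL };

/* A name without '/' is what execvp(), popen() and system() search PATH for.
 * NULL and empty names are reported as unsafe as well. */
int is_path_resolved(const char *cmd) {
    return cmd == NULL || cmd[0] == '\0' || strchr(cmd, '/') == NULL;
}

/* Run an external tool from a privileged helper without trusting the caller's
 * environment. Returns the tool's exit status, or -1 if refused or failed. */
int run_tool_hardened(const char *abs_path, char *const argv[]) {
    if (abs_path == NULL || abs_path[0] != '/')
        return -1;                        /* only absolute paths are accepted */
    pid_t pid = fork();
    if (pid < 0)
        return -1;
    if (pid == 0) {
        execve(abs_path, argv, SAFE_ENV); /* no PATH lookup, clean environment */
        _exit(127);                       /* exec failed */
    }
    int status;
    if (waitpid(pid, &status, 0) < 0)
        return -1;
    return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}

int main(void) {
    /* Assumed install location of virsh; adjust to the host's package layout. */
    char *const argv[] = { "virsh", "--version", NULL };
    printf("\"virsh\" PATH-resolved: %d\n", is_path_resolved("virsh"));
    printf("hardened run status: %d\n", run_tool_hardened("/usr/bin/virsh", argv));
    return 0;
}
```

A setuid program that does not need root for the child process should also drop privileges before the exec; that step is left out here.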

Affected products

bmc — patrol

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.