CVE-2020-10701: 
NixOS vulnerability analysis and mitigation

A missing authorization flaw was found in the libvirt API responsible for changing the QEMU agent response timeout (CVE-2020-10701). The vulnerability was introduced in libvirt version 5.10.0 and fixed in version 6.2.0. This flaw allowed users with read-only access to modify the response timeout for all guest agent messages (Red Hat Bugzilla).

The vulnerability exists in the libvirt API that handles QEMU agent response timeout settings. The specific issue stems from a lack of proper authorization checks, allowing users with read-only permissions to modify timeout values. The vulnerability has been assigned a CVSS v3.1 score of 6.5 (Medium) with a vector of CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H (NetApp Security).

Depending on the timeout value that is set, this vulnerability can cause guest agent commands to fail because the agent cannot respond in time, potentially leading to a Denial of Service (DoS) condition. The impact is limited to service availability, with no direct effect on confidentiality or integrity (NVD).

The vulnerability was fixed in libvirt version 6.2.0. The fix involves proper authorization checks for modifying QEMU agent timeout values. It's worth noting that Red Hat Enterprise Linux 5, 6, 7, 8 and RHEL Advanced Virtualization were not affected by this vulnerability as they did not include the vulnerable code (Red Hat Bugzilla).