CVE-2010-2239

First published: Thu Jun 24 2010(Updated: )

It was found that libvirt did not explicitly set the user defined backing store format when creating new image. This results in images being created with an potentialy insecure configuration, preventing applications from opening backing stores without resorting to probing. A priviledged guest user could use this flaw to access arbitrary files on the host.

Credit: secalert@redhat.com

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

• agent/type
• agent/softwarecombine
• agent/first-publish-date
• collector/mitre-cve
• source/MITRE
• agent/severity
• agent/last-modified-date
• agent/author
• agent/references
• agent/weakness
• agent/description
• agent/event
• collector/redhat-bugzilla
• source/Red Hat
• alias/CVE-2010-2239
• agent/trending
• agent/source
• agent/tags
• collector/nvd-index
• agent/software-canonical-lookup-request
• collector/nvd-historical
• vendor/libvirt
• canonical/libvirt
• version/libvirt/0.6.0
• version/libvirt/0.6.1
• version/libvirt/0.6.2
• version/libvirt/0.6.3
• version/libvirt/0.6.4
• version/libvirt/0.6.5
• version/libvirt/0.7.0
• version/libvirt/0.7.1
• version/libvirt/0.7.2
• version/libvirt/0.7.3
• version/libvirt/0.7.4
• version/libvirt/0.7.5
• version/libvirt/0.7.6
• version/libvirt/0.7.7
• version/libvirt/0.8.0
• version/libvirt/0.8.1
• version/libvirt/0.8.2