First published: Thu Jun 24 2010(Updated: )
It was found that libvirt did not explicitly set the user defined backing store format when creating new image. This results in images being created with an potentialy insecure configuration, preventing applications from opening backing stores without resorting to probing. A priviledged guest user could use this flaw to access arbitrary files on the host.
Credit: secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
Libvirt Libvirt | =0.6.0 | |
Libvirt Libvirt | =0.7.3 | |
Libvirt Libvirt | =0.8.1 | |
Libvirt Libvirt | =0.7.0 | |
Libvirt Libvirt | =0.6.1 | |
Libvirt Libvirt | =0.8.0 | |
Libvirt Libvirt | =0.6.5 | |
Libvirt Libvirt | =0.7.1 | |
Libvirt Libvirt | =0.6.2 | |
Libvirt Libvirt | =0.7.6 | |
Libvirt Libvirt | =0.7.4 | |
Libvirt Libvirt | =0.6.4 | |
Libvirt Libvirt | =0.7.7 | |
Libvirt Libvirt | =0.7.5 | |
Libvirt Libvirt | =0.7.2 | |
Libvirt Libvirt | =0.6.3 | |
Libvirt Libvirt | =0.8.2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.