First published: Mon Aug 12 2013(Updated: )
It was found that fix for <a href="https://access.redhat.com/security/cve/CVE-2013-0167">CVE-2013-0167</a> was not complete. A privileged guest user could still potentially make the host the guest is running on unavailable to the management server by making guest agent return data with invalid XML characters. Upstream fix: <a href="http://gerrit.ovirt.org/gitweb?p=vdsm.git;a=commit;h=5fe1615b7949999fc9abd896bde63bf24f8431d6">http://gerrit.ovirt.org/gitweb?p=vdsm.git;a=commit;h=5fe1615b7949999fc9abd896bde63bf24f8431d6</a> Acknowledgements: This issue was found by David Gibson of Red Hat.
Credit: secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
Redhat Enterprise Virtualization | =3.0 | |
Redhat Enterprise Virtualization | =3.2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.