REDHAT-BUG-607811
First published: Thu Jun 24 2010(Updated: )
It was found that libvirt did not extract the defined disk backing store format when recursing into disk image backing stores in the security drivers. This could be possibly exploited by priviledged guest user to access arbitrary files on the host.
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Oracle Libvirt |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of REDHAT-BUG-607811?
The severity of REDHAT-BUG-607811 is considered high due to the potential for privileged guest users to access arbitrary files on the host.
How do I fix REDHAT-BUG-607811?
To fix REDHAT-BUG-607811, it is recommended to update libvirt to the latest version that addresses this flaw.
What are the consequences of exploiting REDHAT-BUG-607811?
Exploiting REDHAT-BUG-607811 could allow a privileged guest user to gain unauthorized access to sensitive files on the host system.
Which versions of libvirt are affected by REDHAT-BUG-607811?
All versions of libvirt prior to the security update that resolves REDHAT-BUG-607811 are affected.
Who should be concerned about REDHAT-BUG-607811?
System administrators using libvirt in environments with untrusted guest users should be particularly concerned about REDHAT-BUG-607811.
- agent/references
- agent/type
- agent/last-modified-date
- agent/first-publish-date
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2010-2238
- agent/severity
- agent/description
- agent/event
- agent/trending
- agent/source
- agent/softwarecombine
- agent/tags
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/libvirt
- canonical/oracle libvirt