REDHAT-BUG-607812
First published: Thu Jun 24 2010(Updated: )
It was found that libvirt did not explicitly set the user defined backing store format when creating new image. This results in images being created with an potentialy insecure configuration, preventing applications from opening backing stores without resorting to probing. A priviledged guest user could use this flaw to access arbitrary files on the host.
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Oracle Libvirt |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of REDHAT-BUG-607812?
The severity of REDHAT-BUG-607812 is considered moderate due to potential security risks associated with insecure backing store configurations.
How do I fix REDHAT-BUG-607812?
To fix REDHAT-BUG-607812, ensure that the user-defined backing store format is explicitly set when creating new images in libvirt.
What are the potential risks of REDHAT-BUG-607812?
The potential risks of REDHAT-BUG-607812 include the inability of applications to open backing stores securely, which can lead to security vulnerabilities.
Who is affected by REDHAT-BUG-607812?
Users of libvirt who create new images without explicitly specifying the backing store format are affected by REDHAT-BUG-607812.
When was REDHAT-BUG-607812 reported?
REDAHT-BUG-607812 was reported in a Red Hat bug report that highlights vulnerabilities related to the handling of backing store formats in libvirt.
- agent/type
- agent/last-modified-date
- agent/first-publish-date
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2010-2239
- agent/references
- agent/severity
- agent/description
- agent/event
- agent/trending
- agent/source
- agent/softwarecombine
- agent/tags
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/libvirt
- canonical/oracle libvirt