Contact Us
SECURITY BLOG SECURITY DASHBOARD PARTNERS PRODUCTS JOBS SERVICES COMPANY HOME
Network Security Consulting Advisories Article

libvirt Local Security Bypass Vulnerability

http://www.securityfocus.com/bid/48321

Security Info

Bugtraq ID: 48321
Class: Design Error
CVE: CVE-2011-2178
Remote: No
Local: Yes
Published: Jun 16 2011 12:00AM
Updated: Feb 28 2012 06:30PM
Credit: Eric Blake
Vulnerable: Ubuntu Ubuntu Linux 11.04 powerpc
Ubuntu Ubuntu Linux 11.04 i386
Ubuntu Ubuntu Linux 11.04 ARM
Ubuntu Ubuntu Linux 11.04 amd64
Ubuntu Ubuntu Linux 10.10 powerpc
Ubuntu Ubuntu Linux 10.10 i386
Ubuntu Ubuntu Linux 10.10 ARM
Ubuntu Ubuntu Linux 10.10 amd64
Ubuntu Ubuntu Linux 10.04 sparc
Ubuntu Ubuntu Linux 10.04 powerpc
Ubuntu Ubuntu Linux 10.04 i386
Ubuntu Ubuntu Linux 10.04 ARM
Ubuntu Ubuntu Linux 10.04 amd64
Red Hat Fedora 15
libvirt libvirt 0.8.8
libvirt libvirt 0.8.2
libvirt libvirt 0.8.1
Gentoo Linux
Not Vulnerable:

Security Discussion

libvirt is prone to a local security-bypass vulnerability.

Attackers can exploit this issue to bypass certain security restrictions to access arbitrary files and privileged resources of the host system.

Proof of Concept and Security Exploits

Currently we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: vuldb@securityfocus.com.

Security Solution(s)

Solution:
Updates are available. Please see the references for more information.

Security References(s)

References:

Contact Us

Security Penetration Testing

Security Questions

Security Dashboard

Emagined Security Blog featuring Dr. Eugene Schultz
Site Updated August 28, 2014
©2000-2014 Emagined Security
All Rights Reserved

Secure Web Programming
by Vizual Services