CVE-2011-2178

Priority
Medium
Description
The virSecurityManagerGetPrivateData function in
security/security_manager.c in libvirt 0.8.8 through 0.9.1 uses the wrong
argument for a sizeof call, which causes incorrect processing of "security
manager private data" that "reopens disk probing" and might allow guest OS
users to read arbitrary files on the host OS. NOTE: this vulnerability
exists because of a CVE-2010-2238 regression.
References
Bugs
Notes
jdstrand> 0.8.8 through 0.9.1 are affected
Assigned-to
jdstrand
Package
Upstream:released (0.9.1-2)
Ubuntu 8.04 LTS (Hardy Heron):ignored (reached end-of-life)
Ubuntu 10.04 LTS (Lucid Lynx):not-affected
Ubuntu 11.04 (Natty Narwhal):released (0.8.8-1ubuntu6.2)
Ubuntu 11.10 (Oneiric Ocelot):released (0.9.1-1ubuntu4)
Patches:
Upstream:https://www.redhat.com/archives/libvir-list/2011-May/msg01935.html
More Information

Valid XHTML 1.0 Strict

Updated: 2012-06-01 15:22:08 UTC (commit 5347)