CVE-2012-2652
Published: 18 June 2012
The bdrv_open function in Qemu 1.0 does not properly handle the failure of the mkstemp function when in snapshot mode, which allows local users to overwrite or read arbitrary files via a symlink attack on an unspecified temporary file.
Priority
Status
Package | Release | Status |
---|---|---|
kvm | hardy | Ignored (end of life) |
kvm | lucid | Does not exist |
kvm | natty | Does not exist |
kvm | oneiric | Does not exist |
kvm | precise | Does not exist |
kvm | upstream | Needs triage |
qemu | hardy | Ignored (end of life) |
qemu | lucid | Does not exist |
qemu | natty | Does not exist |
qemu | oneiric | Does not exist |
qemu | precise | Does not exist |
qemu | upstream | Needs triage |
qemu-kvm | hardy | Does not exist |
qemu-kvm | lucid | Released (0.12.3+noroms-0ubuntu9.19) |
qemu-kvm | natty | Released (0.14.0+noroms-0ubuntu4.6) |
qemu-kvm | oneiric | Released (0.14.1+noroms-0ubuntu6.4) |
qemu-kvm | precise | Released (1.0+noroms-0ubuntu14.1) |
qemu-kvm | upstream | Needs triage |

Patches (qemu-kvm):
other: http://marc.info/?l=qemu-devel&m=133819025731504&w=2
upstream: http://git.kernel.org/?p=virt/kvm/qemu-kvm.git;a=commit;h=eba25057b9a5e19d10ace2bc7716667a31297169

This vulnerability is mitigated in part by the use of symlink restrictions in Ubuntu.