Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

CVE-2013-6456

Published: 15 April 2014

The LXC driver (lxc/lxc_driver.c) in libvirt 1.0.1 through 1.2.1 allows local users to (1) delete arbitrary host devices via the virDomainDeviceDettach API and a symlink attack on /dev in the container; (2) create arbitrary nodes (mknod) via the virDomainDeviceAttach API and a symlink attack on /dev in the container; and cause a denial of service (shutdown or reboot host OS) via the (3) virDomainShutdown or (4) virDomainReboot API and a symlink attack on /dev/initctl in the container, related to "paths under /proc/$PID/root" and the virInitctlSetRunLevel function.

Notes

AuthorNote
mdeslaur 
1.0.1 and higher

Priority

Medium

Status

Package Release Status
libvirt
Launchpad, Ubuntu, Debian 		lucid Not vulnerable

precise Not vulnerable

quantal Not vulnerable

raring Ignored
(end of life)
saucy
Released (1.1.1-0ubuntu8.11)
trusty Not vulnerable
(1.2.2-0ubuntu1)
upstream Needs triage

Patches:
upstream: http://libvirt.org/git/?p=libvirt.git;a=commit;h=a15d9aa37e0baa4677c605c7563ebd92d3de468c
upstream: http://libvirt.org/git/?p=libvirt.git;a=commit;h=268ef38d12b6bf4fdcbbe6f8c7dd6c2e4cc446f1
upstream: http://libvirt.org/git/?p=libvirt.git;a=commit;h=5daffc54b0815c49146cb6174c28954252542247
upstream: http://libvirt.org/git/?p=libvirt.git;a=commit;h=aaba652d2ba2a3a258c6b36d109ada59824cedce
upstream: http://libvirt.org/git/?p=libvirt.git;a=commit;h=4428224e0d60ce32cb81be45b79323912ce5b8dc
upstream: http://libvirt.org/git/?p=libvirt.git;a=commit;h=d0ddd54a6706b7bfbc2ff1c2d3352331a8857660
upstream: http://libvirt.org/git/?p=libvirt.git;a=commit;h=869961c1a2dc718d6272b3218e0263d58d4a6648
upstream: http://libvirt.org/git/?p=libvirt.git;a=commit;h=045ab83be86ab960ab8358d96de110e98930740c
upstream: http://libvirt.org/git/?p=libvirt.git;a=commit;h=06a0f6b81cb982d8b7789862ef2e197d68d9e6ab
upstream: http://libvirt.org/git/?p=libvirt.git;a=commit;h=40c8a8e92686fb5bf55fa1482b59309d3e5b96e3
upstream: http://libvirt.org/git/?p=libvirt.git;a=commit;h=599be6a6f93618ac5094e0283538ed827b5c7e5b
upstream: http://libvirt.org/git/?p=libvirt.git;a=commit;h=05b36162178f8bf43c5ca57568f154493701b209
upstream: http://libvirt.org/git/?p=libvirt.git;a=commit;h=6ecb7bc3aed7f60edad5289c9b0cfcf99eee6611
upstream: http://libvirt.org/git/?p=libvirt.git;a=commit;h=72a4c29ca72789b13de1ed9cb96df9fb2b0fdde4
upstream: http://libvirt.org/git/?p=libvirt.git;a=commit;h=83f83508e128275bd1b74988162dc6b9f86e00ee
upstream: http://libvirt.org/git/?p=libvirt.git;a=commit;h=398c88edfaef50b9b59eb2d9a61b07c9c940a661
upstream: http://libvirt.org/git/?p=libvirt.git;a=commit;h=dd055960df60c536957664f0ae3c591feecf7b09
upstream: http://libvirt.org/git/?p=libvirt.git;a=commit;h=14d69bd00e4455a1d174d14c5af73975cf9e904a

References

Bugs

Join the discussion

Canonical is offering Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›

Further reading