PublicDateAtUSN: 2011-06-10
Candidate: CVE-2011-2178
PublicDate: 2011-08-10 20:55:00 UTC
References: 
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2178
 https://ubuntu.com/security/notices/USN-1152-1
Description:
 The virSecurityManagerGetPrivateData function in
 security/security_manager.c in libvirt 0.8.8 through 0.9.1 uses the wrong
 argument for a sizeof call, which causes incorrect processing of "security
 manager private data" that "reopens disk probing" and might allow guest OS
 users to read arbitrary files on the host OS.  NOTE: this vulnerability
 exists because of a CVE-2010-2238 regression.
Ubuntu-Description: 
Notes:
 jdstrand> 0.8.8 through 0.9.1 are affected
Bugs: 
 https://bugzilla.redhat.com/show_bug.cgi?id=709769
Priority: medium
Discovered-by: Eric Blake
Assigned-to: jdstrand
CVSS: 

Patches_libvirt:
 upstream: https://www.redhat.com/archives/libvir-list/2011-May/msg01935.html
Tags_libvirt: apparmor
upstream_libvirt: released (0.9.1-2)
hardy_libvirt: ignored (reached end-of-life)
lucid_libvirt: not-affected
maverick_libvirt: not-affected
natty_libvirt: released (0.8.8-1ubuntu6.2)
devel_libvirt: released (0.9.1-1ubuntu4)