CVE-2011-2178
Published: 10 June 2011
The virSecurityManagerGetPrivateData function in security/security_manager.c in libvirt 0.8.8 through 0.9.1 uses the wrong argument for a sizeof call, which causes incorrect processing of "security manager private data" that "reopens disk probing" and might allow guest OS users to read arbitrary files on the host OS. NOTE: this vulnerability exists because of a CVE-2010-2238 regression.
Notes
Author | Note |
---|---|
jdstrand | 0.8.8 through 0.9.1 are affected |
Priority
Status
Package | Release | Status |
---|---|---|
libvirt | hardy | Ignored (end of life) |
libvirt | lucid | Not vulnerable |
libvirt | maverick | Not vulnerable |
libvirt | natty | Released (0.8.8-1ubuntu6.2) |
libvirt | upstream | Released (0.9.1-2) |

Patches: upstream: https://www.redhat.com/archives/libvir-list/2011-May/msg01935.html

This vulnerability is mitigated in part by an AppArmor profile.