The qemu guest agent in Qemu 1.4.1 and earlier, as used by Xen, when started in daemon mode, uses weak permissions for certain files, which allows local users to read and write to these files.
References
Configurations
History
21 Nov 2024, 01:50
Type | Values Removed | Values Added |
---|---|---|
References | () http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=c689b4f1bac352dcfd6ecb9a1d45337de0f1de67 - | |
References | () http://lists.opensuse.org/opensuse-updates/2013-07/msg00057.html - | |
References | () http://osvdb.org/93032 - | |
References | () http://rhn.redhat.com/errata/RHSA-2013-0791.html - | |
References | () http://rhn.redhat.com/errata/RHSA-2013-0896.html - | |
References | () http://secunia.com/advisories/53325 - Vendor Advisory | |
References | () http://www.openwall.com/lists/oss-security/2013/05/06/5 - | |
References | () http://www.securityfocus.com/bid/59675 - | |
References | () http://www.securitytracker.com/id/1028521 - | |
References | () https://bugzilla.redhat.com/show_bug.cgi?id=956082 - | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/84047 - |
Information
Published : 2013-05-21 18:55
Updated : 2024-11-21 01:50
NVD link : CVE-2013-2007
Mitre link : CVE-2013-2007
CVE.ORG link : CVE-2013-2007
JSON object : View
Products Affected
qemu
- qemu
CWE
CWE-264
Permissions, Privileges, and Access Controls