Yedidyah Bar David

Researcher at Red Hat
#31901 of 53,638
7.9 total CVSS
Vulnerabilities · 2
Low · 1
Medium · 1
PT-2019-6945
4.6
2019-11-01
Ovirt · Ovirt Engine · CVE-2013-4367
**Name of the Vulnerable Software and Affected Versions** ovirt-engine version 3.2

**Description** The issue arises from an upstream kernel change affecting how Python's os.chmod() works when passed a mode of '-1', resulting in certain files being created world-writeable on Linux kernel 3.1 and newer.

**Recommendations** For ovirt-engine version 3.2, consider modifying the file creation process to explicitly set the desired permissions, avoiding the use of '-1' as a mode for os.chmod().
PT-2016-6427
3.3
2016-10-03
Red Hat · Red Hat Enterprise Virtualization · CVE-2016-5432
**Name of the Vulnerable Software and Affected Versions** Red Hat Enterprise Virtualization (RHEV) Engine version 4.0

**Description** The issue allows local users to obtain sensitive database provisioning information. This is achieved by reading log files, specifically those generated by the ovirt-engine-provisiondb utility.

**Recommendations** For Red Hat Enterprise Virtualization (RHEV) Engine version 4.0, consider restricting access to log files generated by the ovirt-engine-provisiondb utility to minimize the risk of sensitive information disclosure.