CVE-2010-2239

Name of the Vulnerable Software and Affected Versions Red Hat libvirt versions 0.6.0 through 0.8.2

Description The issue allows guest OS users to read arbitrary files on the host OS. This is due to new images being created without setting the user-defined backing-store format. The exact vectors used for this are not specified.

Recommendations For versions 0.6.0 through 0.8.2, consider configuring the backing-store format manually to prevent guest OS users from reading arbitrary files on the host OS. As a temporary workaround, restrict access to sensitive files on the host OS to minimize the risk of exploitation.