CVE-2013-1922

Name of the Vulnerable Software and Affected Versions QEMU versions used in Xen 4.2.x

Description The issue allows local guest OS administrators to read arbitrary files on the host by modifying the header of a raw disk image to identify a different format. This is exploited when the guest is restarted.

Recommendations For QEMU versions used in Xen 4.2.x, consider restricting access to the raw disk image functionality to minimize the risk of exploitation until a fix is available.