PT-2013-4999 · Red Hat+1 · Libvirt+1

Published: 2013-11-02 · Updated: 2024-06-15 · CVE-2013-4401

CVSS v2.0: 8.5 (High)

Vector: AV:N/AC:M/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

libvirt versions 1.1.0 through 1.1.3

Description

The issue concerns the virConnectDomainXMLToNative API function, which incorrectly checks for the connect:read permission instead of the connect:write permission. This allows attackers to gain domain:write privileges and execute Qemu binaries via crafted XML.

Recommendations

For libvirt versions 1.1.0 through 1.1.3, consider restricting access to the virConnectDomainXMLToNative API function until a patch is available. As a temporary workaround, review and limit the use of crafted XML to minimize the risk of exploitation.

Fix

Weakness Enumeration

Related Identifiers

ALT-PU-2013-1059
CVE-2013-4401
OPENSUSE-SU-2024:10209-1

Affected Products

Alt Linux
Libvirt