CVE-2013-4367

Name of the Vulnerable Software and Affected Versions ovirt-engine version 3.2

Description The issue arises from an upstream kernel change affecting how python's os.chmod() works when passed a mode of '-1', resulting in certain files being created world-writeable on Linux kernel 3.1 and newer.

Recommendations For ovirt-engine version 3.2, consider modifying the file creation process to explicitly set the desired permissions, avoiding the use of '-1' as a mode for os.chmod().