PT-2013-3379 · Libvirt · Libvirt

Bastian Blank

·

Published

2013-03-20

·

Updated

2013-03-21

·

CVE-2013-1766

CVSS v2.0

3.6

Low

VectorAV:L/AC:L/Au:N/C:N/I:P/A:P
Name of the Vulnerable Software and Affected Versions libvirt versions 1.0.2 and earlier
Description The issue allows local users to write to device files via unspecified vectors, as the group owner is set to kvm for these files.
Recommendations For libvirt versions 1.0.2 and earlier, update to a version later than 1.0.2 to resolve the issue.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-264

Related Identifiers

CVE-2013-1766
DSA-2650-1

Affected Products

Libvirt