libvirt CVE-2013-1766 Local Security Bypass Vulnerability

Bugtraq ID:	58178
Class:	Design Error
CVE:	CVE-2013-1766
Remote:	No
Local:	Yes
Published:	Feb 25 2013 12:00AM
Updated:	Mar 26 2013 10:46AM
Credit:	Guido Günther
Vulnerable:	Debian Linux 6.0 sparc Debian Linux 6.0 s/390 Debian Linux 6.0 powerpc Debian Linux 6.0 mips Debian Linux 6.0 ia-64 Debian Linux 6.0 ia-32 Debian Linux 6.0 arm Debian Linux 6.0 amd64
Not Vulnerable:

libvirt CVE-2013-1766 Local Security Bypass Vulnerability

libvirt is prone to a security-bypass vulnerability.

Successful exploits may allow attackers to bypass certain security restrictions and perform unauthorized actions.

libvirt 1.0.2-2 is vulnerable; other versions may also be affected.

libvirt CVE-2013-1766 Local Security Bypass Vulnerability

Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

libvirt CVE-2013-1766 Local Security Bypass Vulnerability

Solution:
Updates are available. Please see the references or vendor advisory for more information.

libvirt CVE-2013-1766 Local Security Bypass Vulnerability

References:

• libvirt Homepage (libvirt )