Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2013-4291HistorySep 30, 2013 - 9:55 p.m.
CVE-2013-4291
2013-09-3021:55:09
Debian Security Bug Tracker
security-tracker.debian.org
19
CVSS2
6.9
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
EPSS
0
Percentile
5.1%
The virSecurityManagerSetProcessLabel function in libvirt 0.10.2.7, 1.0.5.5, and 1.1.1, when the domain has read an uid:gid label, does not properly set group memberships, which allows local users to gain privileges.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | libvirt | < 1.1.2-2 | libvirt_1.1.2-2_all.deb |
| Debian | 11 | all | libvirt | < 1.1.2-2 | libvirt_1.1.2-2_all.deb |
| Debian | 999 | all | libvirt | < 1.1.2-2 | libvirt_1.1.2-2_all.deb |
| Debian | 13 | all | libvirt | < 1.1.2-2 | libvirt_1.1.2-2_all.deb |
Related
cvelist
cvelist
CVE-2013-4291
2013-09-30 21:00:00
cve
cve
CVE-2013-4291
2013-09-30 21:55:09
prion
prion
Design/Logic Flaw
2013-09-30 21:55:00
ubuntucve
ubuntucve
CVE-2013-4291
2013-09-30 00:00:00
nvd
nvd
CVE-2013-4291
2013-09-30 21:55:09
altlinux
altlinux
Security fix for the ALT Linux 8 package libvirt version 1.1.2-alt1
2013-09-03 00:00:00
nessus
nessus
Fedora 18 : libvirt-0.10.2.8-1.fc18 (2013-17305)
2013-10-01 00:00:00
SuSE 11.3 Security Update : libvirt (SAT Patch Number 8421)
2013-11-09 00:00:00
Fedora 19 : libvirt-1.0.5.6-2.fc19 (2013-17618)
2013-10-03 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2013:1642-1)
2021-06-09 00:00:00
Fedora Update for libvirt FEDORA-2013-17618
2013-10-03 00:00:00
Fedora Update for libvirt FEDORA-2013-17618
2013-10-03 00:00:00
fedora
fedora
[SECURITY] Fedora 19 Update: libvirt-1.0.5.6-2.fc19
2013-10-02 06:41:24
[SECURITY] Fedora 18 Update: libvirt-0.10.2.8-1.fc18
2013-10-01 02:14:56
[SECURITY] Fedora 19 Update: libvirt-1.0.5.9-1.fc19
2014-01-26 11:54:32
osv
osv
CVSS2
6.9
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
EPSS
0
Percentile
5.1%
Related for DEBIANCVE:CVE-2013-4291