Lucene search

K

Veracode Vulnerability DatabaseVERACODE:24136

HistoryApr 10, 2020 - 12:47 a.m.

Information Disclosure

2020-04-1000:47:03

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

8

EPSS

0.001

Percentile

26.5%

libvirt is vulnerable to information disclosure. It was found that libvirt did not set the user-defined backing store format when creating a new image, possibly resulting in applications having to probe the backing store to discover the format. A privileged guest user could use this flaw to read arbitrary files on the host.

References

libvirt.org/news.html

lists.fedoraproject.org/pipermail/package-announce/2010-July/044520.html

lists.fedoraproject.org/pipermail/package-announce/2010-July/044579.html

lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html

ubuntu.com/usn/usn-1008-1

ubuntu.com/usn/usn-1008-2

ubuntu.com/usn/usn-1008-3

www.redhat.com/security/updates/classification/#low

www.redhat.com/support/errata/RHSA-2010-0615.html

www.vupen.com/english/advisories/2010/2062

www.vupen.com/english/advisories/2010/2763

access.redhat.com/errata/RHSA-2010:0615

bugzilla.redhat.com/show_bug.cgi?id=607812

EPSS

0.001

Percentile

26.5%

Related for VERACODE:24136

nvd1 prion1 cve1 ubuntucve1 cvelist1 debiancve1 openvas15 nessus13 redhat1 centos1 oraclelinux1 ubuntu4 securityvulns2 fedora2