Create an account

Subscribe to LWN

An "enum" for Python 3

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

PostgreSQL 9.3 beta: Federated databases and more

Weekly edition	Kernel	Security	Distributions	Contact Us	Search
Archives	Calendar	Subscribe	Write for LWN	LWN.net FAQ	Sponsors

qemu-kvm: privilege escalation

Package(s):

qemu-kvm

CVE #(s):

CVE-2011-2527

Created:

July 25, 2011

Updated:

August 20, 2012

Description:

From the Debian advisory:

Andrew Griffiths discovered that group privileges were insufficiently dropped when started with -runas option, resulting in privilege escalation.

Alerts:

Red Hat	RHSA-2011:1531-03	2011-12-06
Ubuntu	USN-1177-1	2011-07-27
Debian	DSA-2282-1	2011-07-25
Scientific Linux	SL-qemu-20111206	2011-12-06
openSUSE	openSUSE-SU-2012:0207-1	2012-02-09
Fedora	FEDORA-2012-8604	2012-06-07
Mageia	MGASA-2012-0222	2012-08-18

(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds