LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

Kernel prepatch 3.9-rc6

LWN.net Weekly Edition for April 4, 2013

LWN.net Weekly Edition for March 28, 2013

A kernel change breaks GlusterFS

PyCon: Evangelizing Python

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

libvirt: code execution as root

Package(s):libvirt CVE #(s):CVE-2013-0170
Created:January 29, 2013 Updated:February 22, 2013
Description: From the Red Hat advisory:

A flaw was found in the way libvirtd handled connection cleanup (when a connection was being closed) under certain error conditions. A remote attacker able to establish a read-only connection to libvirtd could use this flaw to crash libvirtd or, potentially, execute arbitrary code with the privileges of the root user.

Alerts:
Red Hat RHSA-2013:0199-01 2013-01-28
Scientific Linux SL-libv-20130128 2013-01-28
CentOS CESA-2013:0199 2013-01-28
Oracle ELSA-2013-0199 2013-01-28
Ubuntu USN-1708-1 2013-01-29
Fedora FEDORA-2013-1644 2013-02-05
Fedora FEDORA-2013-1642 2013-02-08
Fedora FEDORA-2013-1626 2013-02-08
openSUSE openSUSE-SU-2013:0275-1 2013-02-12
openSUSE openSUSE-SU-2013:0274-1 2013-02-12
SUSE SUSE-SU-2013:0320-1 2013-02-21
Oracle ELSA-2013-0276 2013-02-28
(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds