CVE-2010-2238 - OpenCVE

Red Hat libvirt, possibly 0.7.2 through 0.8.2, recurses into disk-image backing stores without extracting the defined disk backing-store format, which might allow guest OS users to read arbitrary files on the host OS, and possibly have unspecified other impact, via unknown vectors.

No CVSS v3.1

No CVSS v3.0

Access Vector Local

Access Complexity Medium

Authentication Single

Confidentiality Impact Complete

Integrity Impact None

Availability Impact None

AV:L/AC:M/Au:S/C:C/I:N/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Libvirt	Libvirt

Configuration 1 [-]

OR	cpe:2.3:a:libvirt:libvirt:0.7.2:::::::*
	cpe:2.3:a:libvirt:libvirt:0.7.3:::::::*
	cpe:2.3:a:libvirt:libvirt:0.7.4:::::::*
	cpe:2.3:a:libvirt:libvirt:0.7.5:::::::*
	cpe:2.3:a:libvirt:libvirt:0.7.6:::::::*
	cpe:2.3:a:libvirt:libvirt:0.7.7:::::::*
	cpe:2.3:a:libvirt:libvirt:0.8.0:::::::*
	cpe:2.3:a:libvirt:libvirt:0.8.1:::::::*
	cpe:2.3:a:libvirt:libvirt:0.8.2:::::::*

References

Link	Resource
http://libvirt.org/news.html	Vendor Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044520.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044579.html
http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html
http://ubuntu.com/usn/usn-1008-1
http://ubuntu.com/usn/usn-1008-2
http://ubuntu.com/usn/usn-1008-3
http://www.vupen.com/english/advisories/2010/2763
https://bugzilla.redhat.com/show_bug.cgi?id=607811

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: redhat

Published: 2010-08-19T17:43:00

Updated: 2010-09-30T09:00:00

Reserved: 2010-06-09T00:00:00

Link: CVE-2010-2238

JSON object: View

NVD Information

Status : Analyzed

Published: 2010-08-19T18:00:03.453

Modified: 2010-10-30T04:00:00.000

Link: CVE-2010-2238

JSON object: View

Redhat Information

No data.

CWE

CWE-264

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:libvirt:libvirt:0.7.2:*:*:*:*:*:*:*", "matchCriteriaId": "9C7F2E72-C436-46A4-A4B9-9F2B567FE8A0", "vulnerable": true}, {"criteria": "cpe:2.3:a:libvirt:libvirt:0.7.3:*:*:*:*:*:*:*", "matchCriteriaId": "6D1EBC94-5CB9-4B5A-9CB3-C10DE191AE3B", "vulnerable": true}, {"criteria": "cpe:2.3:a:libvirt:libvirt:0.7.4:*:*:*:*:*:*:*", "matchCriteriaId": "05461C68-1BA6-4BA5-97F1-D56E0A62A37F", "vulnerable": true}, {"criteria": "cpe:2.3:a:libvirt:libvirt:0.7.5:*:*:*:*:*:*:*", "matchCriteriaId": "D6507C31-9F5F-488D-9D0D-C233CA1DED01", "vulnerable": true}, {"criteria": "cpe:2.3:a:libvirt:libvirt:0.7.6:*:*:*:*:*:*:*", "matchCriteriaId": "3199D614-94CD-4E12-9127-4459BB6A84FB", "vulnerable": true}, {"criteria": "cpe:2.3:a:libvirt:libvirt:0.7.7:*:*:*:*:*:*:*", "matchCriteriaId": "EC2EE32A-68DF-4343-A5B1-6861324E592B", "vulnerable": true}, {"criteria": "cpe:2.3:a:libvirt:libvirt:0.8.0:*:*:*:*:*:*:*", "matchCriteriaId": "330BFC7B-1971-42C3-BBB5-1498B112E8DC", "vulnerable": true}, {"criteria": "cpe:2.3:a:libvirt:libvirt:0.8.1:*:*:*:*:*:*:*", "matchCriteriaId": "39D87F93-98FE-414B-8D32-C9AB853A235D", "vulnerable": true}, {"criteria": "cpe:2.3:a:libvirt:libvirt:0.8.2:*:*:*:*:*:*:*", "matchCriteriaId": "B38AB6E8-DE2F-426C-A8E9-2572611AE5E1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Red Hat libvirt, possibly 0.7.2 through 0.8.2, recurses into disk-image backing stores without extracting the defined disk backing-store format, which might allow guest OS users to read arbitrary files on the host OS, and possibly have unspecified other impact, via unknown vectors."}, {"lang": "es", "value": "Red Hat libvirt, posiblemente v0.7.2 hasta v0.8.2, se repite en almacenes de respaldo de imagen de disco sin extraer el formato de disco de respaldo definido, lo cual puede permitir a usuarios invitados del Sistema Operativo leer ficheros a su elecci\u00f3n en el Sistema Operativo anfitri\u00f3n, y posiblemente tener otros impactos no especificados, a trav\u00e9s de vectores desconocidos."}], "id": "CVE-2010-2238", "lastModified": "2010-10-30T04:00:00.000", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 4.4, "confidentialityImpact": "COMPLETE", "integrityImpact": "NONE", "vectorString": "AV:L/AC:M/Au:S/C:C/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 2.7, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2010-08-19T18:00:03.453", "references": [{"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://libvirt.org/news.html"}, {"source": "secalert@redhat.com", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044520.html"}, {"source": "secalert@redhat.com", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044579.html"}, {"source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html"}, {"source": "secalert@redhat.com", "url": "http://ubuntu.com/usn/usn-1008-1"}, {"source": "secalert@redhat.com", "url": "http://ubuntu.com/usn/usn-1008-2"}, {"source": "secalert@redhat.com", "url": "http://ubuntu.com/usn/usn-1008-3"}, {"source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2010/2763"}, {"source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=607811"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-264"}], "source": "nvd@nist.gov", "type": "Primary"}]}