CVE-2013-2007

Published: 5/21/2013 Last updated: 8/6/2024 Reserved: 2/19/2013

The qemu guest agent in Qemu 1.4.1 and earlier, as used by Xen, when started in daemon mode, uses weak permissions for certain files, which allows local users to read and write to these files.

CNA assigner: redhat (53f830b8-0a3f-465b-8143-3b8a9948e749) Requested by: n/a

Opam packages affected (2)

conf-qemu-img nbd-tool

Products affected (1)

Product	Vendor	Version
n/a	n/a	Snapdragon 212 Mobile Platform

References (22)

http://lists.opensuse.org/opensuse-updates/2013-07/msg00057.html
http://osvdb.org/93032
https://bugzilla.redhat.com/show_bug.cgi?id=956082
http://www.securitytracker.com/id/1028521
http://www.securityfocus.com/bid/59675
http://www.openwall.com/lists/oss-security/2013/05/06/5
http://secunia.com/advisories/53325
https://exchange.xforce.ibmcloud.com/vulnerabilities/84047
http://rhn.redhat.com/errata/RHSA-2013-0791.html
http://rhn.redhat.com/errata/RHSA-2013-0896.html
http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=c689b4f1bac352dcfd6ecb9a1d45337de0f1de67
http://lists.opensuse.org/opensuse-updates/2013-07/msg00057.html
http://osvdb.org/93032
https://bugzilla.redhat.com/show_bug.cgi?id=956082
http://www.securitytracker.com/id/1028521
http://www.securityfocus.com/bid/59675
http://www.openwall.com/lists/oss-security/2013/05/06/5
http://secunia.com/advisories/53325
https://exchange.xforce.ibmcloud.com/vulnerabilities/84047
http://rhn.redhat.com/errata/RHSA-2013-0791.html
http://rhn.redhat.com/errata/RHSA-2013-0896.html
http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=c689b4f1bac352dcfd6ecb9a1d45337de0f1de67