427820 – (CVE-2011-2527) app-emulation/qemu-user: Fails to drop group privileges with -runas option (CVE-2011-2527)

Bug 427820 (CVE-2011-2527) - app-emulation/qemu-user: Fails to drop group privileges with -runas option (CVE-2011-2527)

Summary: app-emulation/qemu-user: Fails to drop group privileges with -runas option (C...

Status:	RESOLVED WONTFIX

Alias:	CVE-2011-2527

Product:	Gentoo Security
Classification:	Unclassified
Component:	Vulnerabilities (show other bugs)
Hardware:	All Linux

Importance:	Normal minor (vote)
Assignee:	Gentoo Security

URL:
Whiteboard:	B4 [ebuild]
Keywords:

Depends on:	508098
Blocks:
	Show dependency tree

Reported:	2012-07-23 23:08 UTC by GLSAMaker/CVETool Bot
Modified:	2014-05-30 04:40 UTC (History)
CC List:	2 users (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description GLSAMaker/CVETool Bot gentoo-dev

2012-07-23 23:08:28 UTC

CVE-2011-2527 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2527):
  The change_process_uid function in os-posix.c in Qemu 0.14.0 and earlier
  does not properly drop group privileges when the -runas option is used,
  which allows local guest users to access restricted files on the host.


Upstream bug report:
https://bugs.launchpad.net/qemu/+bug/807893

Comment 1 Doug Goldstein (RETIRED) gentoo-dev

2012-12-08 06:12:59 UTC

This affects current app-emulation/qemu-user ebuilds in the tree (but not app-emulation/qemu).

Comment 2 SpanKY gentoo-dev

2014-05-30 04:40:44 UTC

qemu-user has been removed from the tree as its functionality has been superseded by the combined app-emulation/qemu package.  if you find the qemu package does not support something that the qemu-user package did, please file a new bug explicitly detailing things so we can get it added.