Bug 252205 (CVE-2008-5086) - app-emulation/libvirt <= 0.5.1 Security Bypass (CVE-2008-5086)
Summary: app-emulation/libvirt <= 0.5.1 Security Bypass (CVE-2008-5086)
Status: RESOLVED FIXED
Alias: CVE-2008-5086
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: High trivial
Assignee: Gentoo Security
URL: http://secunia.com/Advisories/33198/
Whiteboard: ~4 [noglsa]
Reported: 2008-12-22 20:59 UTC by Bruno Buss
Modified: 2009-01-09 11:58 UTC
Description Bruno Buss 2008-12-22 20:59:52 UTC
Description:
"A security issue has been reported in libvirt, which can be exploited by malicious, local users to bypass certain security restrictions.

The security issue is caused due to the application not properly checking if a connection to libvirtd is in read-only or read-write mode. This can be exploited to perform certain administrative tasks by using methods, which are not performing checks on the read-only connection flag.

This security issue is reported in version 0.3.2 through 0.5.1. Other versions may also be affected."


Fix in GIT:
http://git.et.redhat.com/?p=libvirt.git;a=commit;h=e87a5440dff8020d7247656368023e1b2d57415c
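
The flaw class described in the report, as an added example that is not part of the original bug report and is not libvirt's code: a simplified C model in which every name (`CONN_RO`, `dispatch_checked`, the `autostart` methods) is hypothetical. It contrasts a dispatcher that leaves the read-only check to each method with one that enforces it once before any method runs.

```c
#include <stddef.h>
#include <string.h>

/* Hypothetical model; none of these names are libvirt's. */
enum { CONN_RO = 1 << 0 };                      /* connection opened read-only */
enum { RC_OK = 0, RC_DENIED = -1, RC_UNKNOWN = -2 };

struct conn { unsigned flags; int autostart; };

struct method {
    const char *name;
    int needs_write;                            /* 1 = method changes state */
    int (*fn)(struct conn *, int);
};

/* Handlers carry no access check of their own. */
static int get_autostart(struct conn *c, int v) { (void)v; return c->autostart; }
static int set_autostart(struct conn *c, int v) { c->autostart = v; return RC_OK; }

static const struct method methods[] = {
    { "get_autostart", 0, get_autostart },
    { "set_autostart", 1, set_autostart },
};

static const struct method *lookup(const char *name)
{
    for (size_t i = 0; i < sizeof methods / sizeof methods[0]; i++)
        if (strcmp(methods[i].name, name) == 0)
            return &methods[i];
    return NULL;
}

/* Flawed: relies on every handler to test CONN_RO; set_autostart does not. */
int dispatch_unchecked(struct conn *c, const char *name, int v)
{
    const struct method *m = lookup(name);
    return m ? m->fn(c, v) : RC_UNKNOWN;
}

/* Hardened: one check before any handler runs, so a new method cannot skip it. */
int dispatch_checked(struct conn *c, const char *name, int v)
{
    const struct method *m = lookup(name);
    if (!m)
        return RC_UNKNOWN;
    if (m->needs_write && (c->flags & CONN_RO))
        return RC_DENIED;
    return m->fn(c, v);
}
```
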
Comment 1 Micheal Marineau (RETIRED) gentoo-dev 2009-01-09 04:32:49 UTC
Fixed in libvirt 0.4.6-r1 and 0.5.1 and committed. All other versions have been dropped from portage.
Comment 2 Bruno Buss 2009-01-09 11:58:44 UTC
Thanks Micheal.

There is no need for stabilization and there is no GLSA for ~X bugs, so closing this one.