CVE 2010-2238
Red Hat libvirt, possibly 0.7.2 through 0.8.2, recurses into disk-image backing stores without extracting the defined disk backing-store format, which might allow guest OS users to read arbitrary files on the host OS, and possibly have unspecified other impact, via unknown vectors.
Related bugs and status
CVE-2010-2238 (Candidate) is related to these bugs:
Bug #578527: map serial port throws "chardev: opening backend "tty" failed"
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
578527 | map serial port throws "chardev: opening backend "tty" failed" | libvirt (Ubuntu) | Low | Fix Released | ||
578527 | map serial port throws "chardev: opening backend "tty" failed" | libvirt | Medium | Won't Fix | ||
578527 | map serial port throws "chardev: opening backend "tty" failed" | libvirt (Ubuntu Lucid) | Low | Won't Fix | ||
578527 | map serial port throws "chardev: opening backend "tty" failed" | libvirt (Ubuntu Maverick) | Low | Fix Released |
Bug #585964: VMs won't start after purging apparmor
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
585964 | VMs won't start after purging apparmor | libvirt (Ubuntu) | Low | Fix Released |
Bug #588369: can't disable AppArmor via qemu.conf
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
588369 | can't disable AppArmor via qemu.conf | libvirt (Ubuntu) | Low | Fix Released |
Bug #609055: problems with using parallel port
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
609055 | problems with using parallel port | libvirt (Ubuntu) | Undecided | Fix Released |
Bug #613549: does not support cloning vm storage on lvm backend
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
613549 | does not support cloning vm storage on lvm backend | libvirt (Ubuntu) | Low | Fix Released | ||
613549 | does not support cloning vm storage on lvm backend | virt-manager (Ubuntu) | Undecided | Invalid |
Bug #656173: libvirt no longer probes chained backing stores
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
656173 | libvirt no longer probes chained backing stores | libvirt (Ubuntu) | Undecided | Won't Fix | ||
656173 | libvirt no longer probes chained backing stores | Release Notes for Ubuntu | Undecided | Fix Released |
Bug #795800: virsh save fails on oneiric when the apparmor security driver is enabled
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
795800 | virsh save fails on oneiric when the apparmor security driver is enabled | libvirt (Ubuntu) | High | Fix Released | ||
795800 | virsh save fails on oneiric when the apparmor security driver is enabled | libvirt (Ubuntu Oneiric) | High | Fix Released |
See the
CVE page on Mitre.org
for more details.