Red Hat Bugzilla – Bug 607810
CVE-2010-2237 libvirt: ignoring defined main disk format when looking up disk backing stores
Last modified: 2015-10-15 17:12:48 EDT
It was found that libvirt did not honour the user defined main disk format
in guest XML when looking up disk backing stores in the security drivers.
This could be possibly exploited by priviledged guest user to access
arbitrary files on the host.
This issue affects libvirt >= 0.6.1.
Not vulnerable. This issue did not affect the version of libvirt as shipped with Red Hat Enterprise Linux 5.
Created libvirt tracking bugs for this issue
Affects: fedora-all [bug 613625]
libvirt-0.8.2-1.fc13 has been pushed to the Fedora 13 stable repository. If problems still persist, please make note of it in this bug report.
libvirt-0.8.2-1.fc12 has been pushed to the Fedora 12 stable repository. If problems still persist, please make note of it in this bug report.