← Back

CVE-2011-2178

nvd nist
Published: Aug 10, 2011Modified: Apr 29, 2026

JSON object

Loading...
4.4
Vector
AV:L/AC:M/Au:S/C:C/I:N/A:N
Exploitability: 2.7 / Impact: 6.9
Source: NVD

Description

The virSecurityManagerGetPrivateData function in security/security_manager.c in libvirt 0.8.8 through 0.9.1 uses the wrong argument for a sizeof call, which causes incorrect processing of "security manager private data" that "reopens disk probing" and might allow guest OS users to read arbitrary files on the host OS. NOTE: this vulnerability exists because of a CVE-2010-2238 regression.

Affected (3)

Products: Redhat: Libvirt
Redhat
1 product
Libvirt
Configuration A
3 vulnerable
Vulnerable SoftwareAffected Versions
Redhat
Libvirt
Version 0.8.8
Libvirt
Version 0.9.0
Libvirt
Version 0.9.1

References (16)

Source: secalert@redhat.com
Source: secalert@redhat.com
Source: secalert@redhat.com
Source: secalert@redhat.com
Source: secalert@redhat.com
Source: secalert@redhat.com
Patch
Source: secalert@redhat.com
Source: secalert@redhat.com
Patch
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Patch

Timeline

No history available yet.