ELSA-2010-0615

Опубликовано: 10 авг. 2010

Источник: oracle-oval

Платформа: Oracle Linux 5

Описание

ELSA-2010-0615: libvirt security and bug fix update (LOW)

[0.6.3-33.0.1.el5_5.3]

Replaced docs/et.png in tarball

[0.6.3-33.el5_5.3]

Explicitly set qcow2 backing store format (CVE-2010-2239)
Remap privileged source ports from guests behind NAT (CVE-2010-2242)
Eliminate memory leak in xenUnifiedDomainInfoListFree (rhbz 619711)

[0.6.3-33.el5_5.2]

Fix discrepancy between xm list and virsh list (rhbz 618200)
Set a stable & high MAC addr for guest TAP devices on host (rhbz 617243)

Обновленные пакеты

Oracle Linux 5

Oracle Linux ia64

libvirt

0.6.3-33.0.1.el5_5.3

libvirt-devel

0.6.3-33.0.1.el5_5.3

libvirt-python

0.6.3-33.0.1.el5_5.3

Oracle Linux x86_64

libvirt

0.6.3-33.0.1.el5_5.3

libvirt-devel

0.6.3-33.0.1.el5_5.3

libvirt-python

0.6.3-33.0.1.el5_5.3

Oracle Linux i386

libvirt

0.6.3-33.0.1.el5_5.3

libvirt-devel

0.6.3-33.0.1.el5_5.3

libvirt-python

0.6.3-33.0.1.el5_5.3

Связанные CVE

CVE-2010-2239

CVE-2010-2242

Ссылки на источники

Связанные уязвимости

CVE-2010-2242

ubuntu

почти 15 лет назад

Red Hat libvirt 0.2.0 through 0.8.2 creates iptables rules with improper mappings of privileged source ports, which allows guest OS users to bypass intended access restrictions by leveraging IP address and source-port values, as demonstrated by copying and deleting an NFS directory tree.

CVE-2010-2242

redhat

почти 15 лет назад

CVE-2010-2242

nvd

почти 15 лет назад

CVE-2010-2242

debian

почти 15 лет назад

Red Hat libvirt 0.2.0 through 0.8.2 creates iptables rules with improp ...

CVE-2010-2239

ubuntu

почти 15 лет назад

Red Hat libvirt, possibly 0.6.0 through 0.8.2, creates new images without setting the user-defined backing-store format, which allows guest OS users to read arbitrary files on the host OS via unspecified vectors.