CVE-2015-5313

Published: 11 Dec. 2015
Source: redhat
CVSS2: 4.9
EPSS: Low

Description

Directory traversal vulnerability in the virStorageBackendFileSystemVolCreate function in storage/storage_backend_fs.c in libvirt, when fine-grained Access Control Lists (ACL) are in effect, allows local users with storage_vol:create ACL but not domain:write permission to write to arbitrary files via a .. (dot dot) in a volume name.

A path-traversal flaw was found in the way the libvirt daemon handled filesystem names for storage volumes. A libvirt user with privileges to create storage volumes and without privileges to create and modify domains could possibly use this flaw to escalate their privileges.
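
The flaw described above comes down to a caller-supplied volume name being joined to the pool directory without checking that it is a single path component. The C sketch below is an added example, not libvirt's code or the vendor's patch; the helper names `vol_name_is_safe` and `build_vol_path`, the pool path and the sample names are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical helper, not libvirt code: accept a volume name only if it is
 * a single path component, so it cannot climb out of the pool directory. */
static int vol_name_is_safe(const char *name)
{
    if (name == NULL || name[0] == '\0')
        return 0;
    if (strchr(name, '/') != NULL)      /* no separators: one component only */
        return 0;
    if (strcmp(name, ".") == 0 || strcmp(name, "..") == 0)
        return 0;                       /* directory self/parent references */
    return 1;
}

/* Build "<pool_dir>/<name>" into out. Returns 0 on success, -1 if the name
 * is rejected or the joined path would not fit in the buffer. */
static int build_vol_path(const char *pool_dir, const char *name,
                          char *out, size_t outlen)
{
    int n;

    if (!vol_name_is_safe(name))
        return -1;
    n = snprintf(out, outlen, "%s/%s", pool_dir, name);
    if (n < 0 || (size_t)n >= outlen)   /* treat truncation as failure */
        return -1;
    return 0;
}

int main(void)
{
    /* Constructed sample inputs; the pool path is a placeholder. */
    const char *pool = "/var/lib/libvirt/images";
    const char *names[] = { "disk0.qcow2", "../outside", "..", "a/b", "" };
    char path[256];
    size_t i;

    for (i = 0; i < sizeof(names) / sizeof(names[0]); i++) {
        if (build_vol_path(pool, names[i], path, sizeof(path)) == 0)
            printf("accept %-12s -> %s\n", names[i], path);
        else
            printf("reject \"%s\"\n", names[i]);
    }
    return 0;
}
```

Rejecting the name before the path is built keeps the check independent of how the target filesystem later resolves the path.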

Report

This issue affects the versions of libvirt as shipped with Red Hat Enterprise Linux version 7 and Red Hat Gluster Storage 3.1. Red Hat Product Security has rated this issue as having Moderate security impact. A future update may address this issue. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.

Affected packages

Platform | Package | State | Recommendation | Release
Red Hat Enterprise Linux 5 | libvirt | Will not fix | |
Red Hat Enterprise Linux 6 | libvirt | Will not fix | |
Red Hat Enterprise Linux 7 | libvirt | Fixed | RHSA-2016:2577 | 03.11.2016
Red Hat Gluster Storage 3.1 for RHEL 7 | libvirt | Fixed | RHSA-2016:2577 | 03.11.2016
Red Hat Virtualization 4 for Red Hat Enterprise Linux 7 | libvirt | Fixed | RHSA-2016:2577 | 03.11.2016


Additional information

Status: Moderate
Defect: CWE-22
https://bugzilla.redhat.com/show_bug.cgi?id=1277121 (libvirt: filesystem storage volume names path traversal flaw)

EPSS: 0.00057 (percentile: 18%, Low)

CVSS2: 4.9 Medium

Related vulnerabilities

CVSS3: 2.5
ubuntu
more than 9 years ago

Directory traversal vulnerability in the virStorageBackendFileSystemVolCreate function in storage/storage_backend_fs.c in libvirt, when fine-grained Access Control Lists (ACL) are in effect, allows local users with storage_vol:create ACL but not domain:write permission to write to arbitrary files via a .. (dot dot) in a volume name.

CVSS3: 2.5
nvd
more than 9 years ago

Directory traversal vulnerability in the virStorageBackendFileSystemVolCreate function in storage/storage_backend_fs.c in libvirt, when fine-grained Access Control Lists (ACL) are in effect, allows local users with storage_vol:create ACL but not domain:write permission to write to arbitrary files via a .. (dot dot) in a volume name.

CVSS3: 2.5
debian
more than 9 years ago

Directory traversal vulnerability in the virStorageBackendFileSystemVo ...

suse-cvrf
more than 9 years ago

Security update for libvirt

suse-cvrf
more than 9 years ago

Security update for libvirt
