CVE-2013-4291

EPSS 0.05%

發布日:2013/9/30修改日:2026/4/28

描述

The virSecurityManagerSetProcessLabel function in libvirt 0.10.2.7, 1.0.5.5, and 1.1.1, when the domain has read an uid:gid label, does not properly set group memberships, which allows local users to gain privileges.

受影響套件(1)

Debian/libvirtfrom 0, < 1.1.2-2

參考連結(1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2013-4291