CVE-2011-2527
Vulnerability from cvelistv5
Published
2012-06-21 15:00
Modified
2024-08-06 23:00
Severity ?
Summary
The change_process_uid function in os-posix.c in Qemu 0.14.0 and earlier does not properly drop group privileges when the -runas option is used, which allows local guest users to access restricted files on the host.
References
secalert@redhat.comhttp://lists.fedoraproject.org/pipermail/package-announce/2012-June/081972.html
secalert@redhat.comhttp://lists.opensuse.org/opensuse-updates/2012-02/msg00009.html
secalert@redhat.comhttp://rhn.redhat.com/errata/RHSA-2011-1531.html
secalert@redhat.comhttp://secunia.com/advisories/45187Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/45188Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/45419Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/47157Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/47992Vendor Advisory
secalert@redhat.comhttp://ubuntu.com/usn/usn-1177-1
secalert@redhat.comhttp://www.openwall.com/lists/oss-security/2011/07/12/15
secalert@redhat.comhttp://www.openwall.com/lists/oss-security/2011/07/12/5
secalert@redhat.comhttp://www.osvdb.org/74752
secalert@redhat.comhttp://www.securityfocus.com/bid/48659
secalert@redhat.comhttps://bugs.launchpad.net/qemu/+bug/807893
secalert@redhat.comhttps://exchange.xforce.ibmcloud.com/vulnerabilities/68539
secalert@redhat.comhttps://www.debian.org/security/2011/dsa-2282
Impacted products
n/an/a
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T23:00:34.288Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "qemu-runas-priv-escalation(68539)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68539"
          },
          {
            "name": "[oss-security] 20110712 CVE Request: qemu -runas does not clear  supplementary groups",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2011/07/12/5"
          },
          {
            "name": "48659",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/48659"
          },
          {
            "name": "[oss-security] 20110712 Re: CVE Request: qemu -runas does not clear  supplementary groups",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2011/07/12/15"
          },
          {
            "name": "DSA-2282",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2011/dsa-2282"
          },
          {
            "name": "47992",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/47992"
          },
          {
            "name": "45419",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/45419"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.launchpad.net/qemu/+bug/807893"
          },
          {
            "name": "openSUSE-SU-2012:0207",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-updates/2012-02/msg00009.html"
          },
          {
            "name": "74752",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/74752"
          },
          {
            "name": "47157",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/47157"
          },
          {
            "name": "45188",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/45188"
          },
          {
            "name": "USN-1177-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://ubuntu.com/usn/usn-1177-1"
          },
          {
            "name": "45187",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/45187"
          },
          {
            "name": "FEDORA-2012-8604",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-June/081972.html"
          },
          {
            "name": "RHSA-2011:1531",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2011-1531.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2011-03-27T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The change_process_uid function in os-posix.c in Qemu 0.14.0 and earlier does not properly drop group privileges when the -runas option is used, which allows local guest users to access restricted files on the host."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-28T12:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "qemu-runas-priv-escalation(68539)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68539"
        },
        {
          "name": "[oss-security] 20110712 CVE Request: qemu -runas does not clear  supplementary groups",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2011/07/12/5"
        },
        {
          "name": "48659",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/48659"
        },
        {
          "name": "[oss-security] 20110712 Re: CVE Request: qemu -runas does not clear  supplementary groups",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2011/07/12/15"
        },
        {
          "name": "DSA-2282",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2011/dsa-2282"
        },
        {
          "name": "47992",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/47992"
        },
        {
          "name": "45419",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/45419"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.launchpad.net/qemu/+bug/807893"
        },
        {
          "name": "openSUSE-SU-2012:0207",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-updates/2012-02/msg00009.html"
        },
        {
          "name": "74752",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/74752"
        },
        {
          "name": "47157",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/47157"
        },
        {
          "name": "45188",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/45188"
        },
        {
          "name": "USN-1177-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://ubuntu.com/usn/usn-1177-1"
        },
        {
          "name": "45187",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/45187"
        },
        {
          "name": "FEDORA-2012-8604",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-June/081972.html"
        },
        {
          "name": "RHSA-2011:1531",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2011-1531.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2011-2527",
    "datePublished": "2012-06-21T15:00:00",
    "dateReserved": "2011-06-15T00:00:00",
    "dateUpdated": "2024-08-06T23:00:34.288Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2011-2527\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2012-06-21T15:55:09.863\",\"lastModified\":\"2020-11-02T14:39:17.710\",\"vulnStatus\":\"Modified\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"The change_process_uid function in os-posix.c in Qemu 0.14.0 and earlier does not properly drop group privileges when the -runas option is used, which allows local guest users to access restricted files on the host.\"},{\"lang\":\"es\",\"value\":\"La funci\u00f3n change_process_uid en os-posix.c en Qemu v0.14.0 y anteriores no \\\"suelta\\\" correctamente los privilegios de grupo cuando se usa la opci\u00f3n -runas, lo que permite  acceder a archivos restringidos en el host a usuarios locales invitados.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:P/I:N/A:N\",\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\",\"baseScore\":2.1},\"baseSeverity\":\"LOW\",\"exploitabilityScore\":3.9,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-264\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"0.14.0\",\"matchCriteriaId\":\"4DCB03CB-0416-4358-884E-9517B3186F68\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:0.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BC82CD08-F151-489C-9BC4-50C8C9583718\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:0.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"75D04344-C6CE-40D5-97ED-42B3DBA1AAD7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:0.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"71CC4D45-66BE-4C23-B541-DD4604ACC9FF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:0.1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2E41058D-380C-4098-96FB-53CC158ED420\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:0.1.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BFE12226-C599-45A2-8CFD-32753F94204B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:0.1.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C06F8832-B32F-4352-B048-A4ADCE85373E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:0.1.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5278C685-988B-40D7-9AE9-B4FB8AF41C8C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:0.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C6C6B20B-2E5D-4D25-885A-227A4BE5EEBB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:0.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F2FF7251-031D-4A9B-9AF0-1FFE556456D5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:0.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4D942D17-1AA9-4D5A-8F5E-0F4F762522D8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:0.4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5A2519BF-5F68-4096-8DE2-2C7BCF7200D4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:0.4.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6B00BD71-2AE5-47BA-999A-7E89590B86C6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:0.4.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CA6701A9-78CC-49D0-A40A-CB1C774400AD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:0.6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"759505BA-6F19-4BAE-8297-D8F30EEC8D8C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:0.6.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0A98CC34-2DB7-46CD-AA60-A7C08DDF22B4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:0.7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E424B63B-DCD8-4209-A4CB-84C1EDF5B255\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:0.7.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F9576AA2-2FDD-4063-8D84-DE8DB063AC54\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:0.7.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"544368B2-37BE-41DD-8DC2-F04B6A394696\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:0.8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"14A6B570-09CE-4AFF-AC8C-51F37FC79811\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:0.8.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EC5670FB-B9EA-4B9C-BB7B-575494F12CA2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:0.8.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"27650033-1C9F-4175-A26F-D9082A36F079\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:0.9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7F1D35E0-2033-4ADE-9ADA-3B45996B53B1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:0.9.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6205775B-4A83-498F-A60E-54473F5D5704\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:0.9.1-5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F8BCDB83-93ED-43CC-9D12-FAB227BE48CE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:0.10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"39A6382B-A08C-4D58-B3F9-D74132A74B86\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:0.10.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7483B9F2-246C-4B78-9EFA-7734B7209054\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:0.10.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A83436B8-AFC9-4AA2-8414-1F703812718D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:0.10.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BCA47F54-B59B-45EC-B5D4-DF544E4BE1AF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:0.10.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4786DEA6-6F23-4969-B7E0-C664FCB2284E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:0.10.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EA3CABBB-9C1F-4ACD-A2AC-8320348DDA99\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:0.10.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E0ED046D-26E2-4E01-BAB1-F86249A2E827\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:0.11.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"94A2973F-4CDA-4B8D-8331-FD14394AB906\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:0.11.0:rc0:*:*:*:*:*:*\",\"matchCriteriaId\":\"A4EF80C9-6950-412E-975F-058F20DF9F04\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:0.11.0:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"921698C0-DCE3-4604-8ED3-B327273D6EAD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:0.11.0:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"F75C73E2-9137-4EAB-8D76-B0B22C391A2B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:0.11.0-rc0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4BE2585F-9F3C-445C-B0A4-CC214B23F2B3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:0.11.0-rc1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9F061815-F34A-431A-9BF3-020348CB5C45\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:0.11.0-rc2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DE5017A8-9600-422D-A612-CBEF1C3A1E1C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:0.11.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"340D614F-7B0B-4CB3-AEF3-26360FADF67C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:0.12.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C71C7DAD-86D5-4E9B-9549-C9FBD48AE22C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:0.12.0:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"37E501EA-4C70-48F1-9822-5575AFAA8783\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:0.12.0:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"77FCC2AD-2FDA-484B-B4A6-D842404DEE59\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:0.12.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B48D2B63-5171-45E6-BF19-DFC63FA6683D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:0.12.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7750C948-7169-44F1-A834-AE52BFBDC701\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:0.12.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CD07B7AA-7237-44A9-B8BB-ACEC48BAFBEF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:0.12.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CD38AD65-FF40-431B-BA2C-D55A7D0737A0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:0.12.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"36233339-A9DF-4ACD-89A6-F79CB07E1568\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:0.13.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F385658D-5D5C-49E6-8C67-FE4321CDCE1D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:0.13.0:rc0:*:*:*:*:*:*\",\"matchCriteriaId\":\"0A74A421-6012-4BEC-802D-7A05D20AF285\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:0.13.0:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"EB41C21C-B250-40D1-ADC1-B03866794417\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:0.14.0:rc0:*:*:*:*:*:*\",\"matchCriteriaId\":\"8162E07B-718E-41B3-B19C-A933CC1E2710\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:0.14.0:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"A0229959-6909-482B-9446-68C9B3021510\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:0.14.0:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"7048A380-A251-42D7-B081-CDB38B6A27F1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:0.14.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6EA71FFE-E41F-4128-A598-EDF446D9A045\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:0.15.0:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"EE446FA1-FBB8-4B76-904C-F4664703BFBD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:0.15.0:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"80621FFA-6189-47CD-9A6A-1D5A781862AE\"}]}]}],\"references\":[{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2012-June/081972.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2012-02/msg00009.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2011-1531.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/45187\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/45188\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/45419\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/47157\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/47992\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://ubuntu.com/usn/usn-1177-1\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2011/07/12/15\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2011/07/12/5\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.osvdb.org/74752\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.securityfocus.com/bid/48659\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://bugs.launchpad.net/qemu/+bug/807893\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/68539\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://www.debian.org/security/2011/dsa-2282\",\"source\":\"secalert@redhat.com\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.