CVE-2011-2527 (GCVE-0-2011-2527)

Vulnerability from cvelistv5 – Published: 2012-06-21 15:00 – Updated: 2024-08-06 23:00
VLAI?
Summary
The change_process_uid function in os-posix.c in Qemu 0.14.0 and earlier does not properly drop group privileges when the -runas option is used, which allows local guest users to access restricted files on the host.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
http://www.openwall.com/lists/oss-security/2011/07/12/5 mailing-listx_refsource_MLIST
http://www.securityfocus.com/bid/48659 vdb-entryx_refsource_BID
http://www.openwall.com/lists/oss-security/2011/0… mailing-listx_refsource_MLIST
https://www.debian.org/security/2011/dsa-2282 vendor-advisoryx_refsource_DEBIAN
http://secunia.com/advisories/47992 third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/45419 third-party-advisoryx_refsource_SECUNIA
https://bugs.launchpad.net/qemu/+bug/807893 x_refsource_CONFIRM
http://lists.opensuse.org/opensuse-updates/2012-0… vendor-advisoryx_refsource_SUSE
http://www.osvdb.org/74752 vdb-entryx_refsource_OSVDB
http://secunia.com/advisories/47157 third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/45188 third-party-advisoryx_refsource_SECUNIA
http://ubuntu.com/usn/usn-1177-1 vendor-advisoryx_refsource_UBUNTU
http://secunia.com/advisories/45187 third-party-advisoryx_refsource_SECUNIA
http://lists.fedoraproject.org/pipermail/package-… vendor-advisoryx_refsource_FEDORA
http://rhn.redhat.com/errata/RHSA-2011-1531.html vendor-advisoryx_refsource_REDHAT
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T23:00:34.288Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "qemu-runas-priv-escalation(68539)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68539"
          },
          {
            "name": "[oss-security] 20110712 CVE Request: qemu -runas does not clear  supplementary groups",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2011/07/12/5"
          },
          {
            "name": "48659",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/48659"
          },
          {
            "name": "[oss-security] 20110712 Re: CVE Request: qemu -runas does not clear  supplementary groups",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2011/07/12/15"
          },
          {
            "name": "DSA-2282",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2011/dsa-2282"
          },
          {
            "name": "47992",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/47992"
          },
          {
            "name": "45419",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/45419"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.launchpad.net/qemu/+bug/807893"
          },
          {
            "name": "openSUSE-SU-2012:0207",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-updates/2012-02/msg00009.html"
          },
          {
            "name": "74752",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/74752"
          },
          {
            "name": "47157",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/47157"
          },
          {
            "name": "45188",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/45188"
          },
          {
            "name": "USN-1177-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://ubuntu.com/usn/usn-1177-1"
          },
          {
            "name": "45187",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/45187"
          },
          {
            "name": "FEDORA-2012-8604",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-June/081972.html"
          },
          {
            "name": "RHSA-2011:1531",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2011-1531.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2011-03-27T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The change_process_uid function in os-posix.c in Qemu 0.14.0 and earlier does not properly drop group privileges when the -runas option is used, which allows local guest users to access restricted files on the host."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-28T12:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "qemu-runas-priv-escalation(68539)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68539"
        },
        {
          "name": "[oss-security] 20110712 CVE Request: qemu -runas does not clear  supplementary groups",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2011/07/12/5"
        },
        {
          "name": "48659",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/48659"
        },
        {
          "name": "[oss-security] 20110712 Re: CVE Request: qemu -runas does not clear  supplementary groups",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2011/07/12/15"
        },
        {
          "name": "DSA-2282",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2011/dsa-2282"
        },
        {
          "name": "47992",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/47992"
        },
        {
          "name": "45419",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/45419"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.launchpad.net/qemu/+bug/807893"
        },
        {
          "name": "openSUSE-SU-2012:0207",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-updates/2012-02/msg00009.html"
        },
        {
          "name": "74752",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/74752"
        },
        {
          "name": "47157",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/47157"
        },
        {
          "name": "45188",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/45188"
        },
        {
          "name": "USN-1177-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://ubuntu.com/usn/usn-1177-1"
        },
        {
          "name": "45187",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/45187"
        },
        {
          "name": "FEDORA-2012-8604",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-June/081972.html"
        },
        {
          "name": "RHSA-2011:1531",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2011-1531.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2011-2527",
    "datePublished": "2012-06-21T15:00:00",
    "dateReserved": "2011-06-15T00:00:00",
    "dateUpdated": "2024-08-06T23:00:34.288Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"0.14.0\", \"matchCriteriaId\": \"4DCB03CB-0416-4358-884E-9517B3186F68\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:qemu:qemu:0.1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BC82CD08-F151-489C-9BC4-50C8C9583718\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:qemu:qemu:0.1.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"75D04344-C6CE-40D5-97ED-42B3DBA1AAD7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:qemu:qemu:0.1.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"71CC4D45-66BE-4C23-B541-DD4604ACC9FF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:qemu:qemu:0.1.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2E41058D-380C-4098-96FB-53CC158ED420\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:qemu:qemu:0.1.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BFE12226-C599-45A2-8CFD-32753F94204B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:qemu:qemu:0.1.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C06F8832-B32F-4352-B048-A4ADCE85373E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:qemu:qemu:0.1.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5278C685-988B-40D7-9AE9-B4FB8AF41C8C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:qemu:qemu:0.2.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C6C6B20B-2E5D-4D25-885A-227A4BE5EEBB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:qemu:qemu:0.3.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F2FF7251-031D-4A9B-9AF0-1FFE556456D5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:qemu:qemu:0.4.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4D942D17-1AA9-4D5A-8F5E-0F4F762522D8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:qemu:qemu:0.4.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5A2519BF-5F68-4096-8DE2-2C7BCF7200D4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:qemu:qemu:0.4.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6B00BD71-2AE5-47BA-999A-7E89590B86C6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:qemu:qemu:0.4.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CA6701A9-78CC-49D0-A40A-CB1C774400AD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:qemu:qemu:0.6.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"759505BA-6F19-4BAE-8297-D8F30EEC8D8C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:qemu:qemu:0.6.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0A98CC34-2DB7-46CD-AA60-A7C08DDF22B4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:qemu:qemu:0.7.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E424B63B-DCD8-4209-A4CB-84C1EDF5B255\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:qemu:qemu:0.7.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F9576AA2-2FDD-4063-8D84-DE8DB063AC54\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:qemu:qemu:0.7.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"544368B2-37BE-41DD-8DC2-F04B6A394696\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:qemu:qemu:0.8.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"14A6B570-09CE-4AFF-AC8C-51F37FC79811\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:qemu:qemu:0.8.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EC5670FB-B9EA-4B9C-BB7B-575494F12CA2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:qemu:qemu:0.8.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"27650033-1C9F-4175-A26F-D9082A36F079\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:qemu:qemu:0.9.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7F1D35E0-2033-4ADE-9ADA-3B45996B53B1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:qemu:qemu:0.9.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6205775B-4A83-498F-A60E-54473F5D5704\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:qemu:qemu:0.9.1-5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F8BCDB83-93ED-43CC-9D12-FAB227BE48CE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:qemu:qemu:0.10.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"39A6382B-A08C-4D58-B3F9-D74132A74B86\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:qemu:qemu:0.10.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7483B9F2-246C-4B78-9EFA-7734B7209054\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:qemu:qemu:0.10.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A83436B8-AFC9-4AA2-8414-1F703812718D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:qemu:qemu:0.10.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BCA47F54-B59B-45EC-B5D4-DF544E4BE1AF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:qemu:qemu:0.10.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4786DEA6-6F23-4969-B7E0-C664FCB2284E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:qemu:qemu:0.10.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EA3CABBB-9C1F-4ACD-A2AC-8320348DDA99\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:qemu:qemu:0.10.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E0ED046D-26E2-4E01-BAB1-F86249A2E827\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:qemu:qemu:0.11.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"94A2973F-4CDA-4B8D-8331-FD14394AB906\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:qemu:qemu:0.11.0:rc0:*:*:*:*:*:*\", \"matchCriteriaId\": \"A4EF80C9-6950-412E-975F-058F20DF9F04\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:qemu:qemu:0.11.0:rc1:*:*:*:*:*:*\", \"matchCriteriaId\": \"921698C0-DCE3-4604-8ED3-B327273D6EAD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:qemu:qemu:0.11.0:rc2:*:*:*:*:*:*\", \"matchCriteriaId\": \"F75C73E2-9137-4EAB-8D76-B0B22C391A2B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:qemu:qemu:0.11.0-rc0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4BE2585F-9F3C-445C-B0A4-CC214B23F2B3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:qemu:qemu:0.11.0-rc1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9F061815-F34A-431A-9BF3-020348CB5C45\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:qemu:qemu:0.11.0-rc2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DE5017A8-9600-422D-A612-CBEF1C3A1E1C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:qemu:qemu:0.11.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"340D614F-7B0B-4CB3-AEF3-26360FADF67C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:qemu:qemu:0.12.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C71C7DAD-86D5-4E9B-9549-C9FBD48AE22C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:qemu:qemu:0.12.0:rc1:*:*:*:*:*:*\", \"matchCriteriaId\": \"37E501EA-4C70-48F1-9822-5575AFAA8783\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:qemu:qemu:0.12.0:rc2:*:*:*:*:*:*\", \"matchCriteriaId\": \"77FCC2AD-2FDA-484B-B4A6-D842404DEE59\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:qemu:qemu:0.12.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B48D2B63-5171-45E6-BF19-DFC63FA6683D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:qemu:qemu:0.12.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7750C948-7169-44F1-A834-AE52BFBDC701\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:qemu:qemu:0.12.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CD07B7AA-7237-44A9-B8BB-ACEC48BAFBEF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:qemu:qemu:0.12.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CD38AD65-FF40-431B-BA2C-D55A7D0737A0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:qemu:qemu:0.12.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"36233339-A9DF-4ACD-89A6-F79CB07E1568\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:qemu:qemu:0.13.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F385658D-5D5C-49E6-8C67-FE4321CDCE1D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:qemu:qemu:0.13.0:rc0:*:*:*:*:*:*\", \"matchCriteriaId\": \"0A74A421-6012-4BEC-802D-7A05D20AF285\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:qemu:qemu:0.13.0:rc1:*:*:*:*:*:*\", \"matchCriteriaId\": \"EB41C21C-B250-40D1-ADC1-B03866794417\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:qemu:qemu:0.14.0:rc0:*:*:*:*:*:*\", \"matchCriteriaId\": \"8162E07B-718E-41B3-B19C-A933CC1E2710\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:qemu:qemu:0.14.0:rc1:*:*:*:*:*:*\", \"matchCriteriaId\": \"A0229959-6909-482B-9446-68C9B3021510\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:qemu:qemu:0.14.0:rc2:*:*:*:*:*:*\", \"matchCriteriaId\": \"7048A380-A251-42D7-B081-CDB38B6A27F1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:qemu:qemu:0.14.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6EA71FFE-E41F-4128-A598-EDF446D9A045\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:qemu:qemu:0.15.0:rc1:*:*:*:*:*:*\", \"matchCriteriaId\": \"EE446FA1-FBB8-4B76-904C-F4664703BFBD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:qemu:qemu:0.15.0:rc2:*:*:*:*:*:*\", \"matchCriteriaId\": \"80621FFA-6189-47CD-9A6A-1D5A781862AE\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"The change_process_uid function in os-posix.c in Qemu 0.14.0 and earlier does not properly drop group privileges when the -runas option is used, which allows local guest users to access restricted files on the host.\"}, {\"lang\": \"es\", \"value\": \"La funci\\u00f3n change_process_uid en os-posix.c en Qemu v0.14.0 y anteriores no \\\"suelta\\\" correctamente los privilegios de grupo cuando se usa la opci\\u00f3n -runas, lo que permite  acceder a archivos restringidos en el host a usuarios locales invitados.\"}]",
      "id": "CVE-2011-2527",
      "lastModified": "2024-11-21T01:28:28.093",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:L/AC:L/Au:N/C:P/I:N/A:N\", \"baseScore\": 2.1, \"accessVector\": \"LOCAL\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"LOW\", \"exploitabilityScore\": 3.9, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2012-06-21T15:55:09.863",
      "references": "[{\"url\": \"http://lists.fedoraproject.org/pipermail/package-announce/2012-June/081972.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://lists.opensuse.org/opensuse-updates/2012-02/msg00009.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2011-1531.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://secunia.com/advisories/45187\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/45188\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/45419\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/47157\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/47992\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://ubuntu.com/usn/usn-1177-1\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2011/07/12/15\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2011/07/12/5\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.osvdb.org/74752\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.securityfocus.com/bid/48659\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://bugs.launchpad.net/qemu/+bug/807893\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/68539\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://www.debian.org/security/2011/dsa-2282\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://lists.fedoraproject.org/pipermail/package-announce/2012-June/081972.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://lists.opensuse.org/opensuse-updates/2012-02/msg00009.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2011-1531.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/45187\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/45188\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/45419\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/47157\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/47992\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://ubuntu.com/usn/usn-1177-1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2011/07/12/15\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2011/07/12/5\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.osvdb.org/74752\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/48659\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://bugs.launchpad.net/qemu/+bug/807893\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/68539\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://www.debian.org/security/2011/dsa-2282\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "secalert@redhat.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-264\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2011-2527\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2012-06-21T15:55:09.863\",\"lastModified\":\"2025-04-11T00:51:21.963\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The change_process_uid function in os-posix.c in Qemu 0.14.0 and earlier does not properly drop group privileges when the -runas option is used, which allows local guest users to access restricted files on the host.\"},{\"lang\":\"es\",\"value\":\"La funci\u00f3n change_process_uid en os-posix.c en Qemu v0.14.0 y anteriores no \\\"suelta\\\" correctamente los privilegios de grupo cuando se usa la opci\u00f3n -runas, lo que permite  acceder a archivos restringidos en el host a usuarios locales invitados.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:P/I:N/A:N\",\"baseScore\":2.1,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"LOW\",\"exploitabilityScore\":3.9,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-264\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"0.14.0\",\"matchCriteriaId\":\"4DCB03CB-0416-4358-884E-9517B3186F68\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:0.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BC82CD08-F151-489C-9BC4-50C8C9583718\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:0.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"75D04344-C6CE-40D5-97ED-42B3DBA1AAD7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:0.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"71CC4D45-66BE-4C23-B541-DD4604ACC9FF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:0.1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2E41058D-380C-4098-96FB-53CC158ED420\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:0.1.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BFE12226-C599-45A2-8CFD-32753F94204B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:0.1.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C06F8832-B32F-4352-B048-A4ADCE85373E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:0.1.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5278C685-988B-40D7-9AE9-B4FB8AF41C8C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:0.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C6C6B20B-2E5D-4D25-885A-227A4BE5EEBB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:0.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F2FF7251-031D-4A9B-9AF0-1FFE556456D5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:0.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4D942D17-1AA9-4D5A-8F5E-0F4F762522D8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:0.4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5A2519BF-5F68-4096-8DE2-2C7BCF7200D4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:0.4.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6B00BD71-2AE5-47BA-999A-7E89590B86C6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:0.4.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CA6701A9-78CC-49D0-A40A-CB1C774400AD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:0.6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"759505BA-6F19-4BAE-8297-D8F30EEC8D8C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:0.6.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0A98CC34-2DB7-46CD-AA60-A7C08DDF22B4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:0.7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E424B63B-DCD8-4209-A4CB-84C1EDF5B255\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:0.7.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F9576AA2-2FDD-4063-8D84-DE8DB063AC54\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:0.7.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"544368B2-37BE-41DD-8DC2-F04B6A394696\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:0.8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"14A6B570-09CE-4AFF-AC8C-51F37FC79811\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:0.8.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EC5670FB-B9EA-4B9C-BB7B-575494F12CA2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:0.8.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"27650033-1C9F-4175-A26F-D9082A36F079\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:0.9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7F1D35E0-2033-4ADE-9ADA-3B45996B53B1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:0.9.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6205775B-4A83-498F-A60E-54473F5D5704\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:0.9.1-5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F8BCDB83-93ED-43CC-9D12-FAB227BE48CE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:0.10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"39A6382B-A08C-4D58-B3F9-D74132A74B86\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:0.10.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7483B9F2-246C-4B78-9EFA-7734B7209054\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:0.10.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A83436B8-AFC9-4AA2-8414-1F703812718D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:0.10.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BCA47F54-B59B-45EC-B5D4-DF544E4BE1AF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:0.10.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4786DEA6-6F23-4969-B7E0-C664FCB2284E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:0.10.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EA3CABBB-9C1F-4ACD-A2AC-8320348DDA99\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:0.10.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E0ED046D-26E2-4E01-BAB1-F86249A2E827\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:0.11.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"94A2973F-4CDA-4B8D-8331-FD14394AB906\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:0.11.0:rc0:*:*:*:*:*:*\",\"matchCriteriaId\":\"A4EF80C9-6950-412E-975F-058F20DF9F04\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:0.11.0:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"921698C0-DCE3-4604-8ED3-B327273D6EAD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:0.11.0:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"F75C73E2-9137-4EAB-8D76-B0B22C391A2B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:0.11.0-rc0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4BE2585F-9F3C-445C-B0A4-CC214B23F2B3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:0.11.0-rc1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9F061815-F34A-431A-9BF3-020348CB5C45\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:0.11.0-rc2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DE5017A8-9600-422D-A612-CBEF1C3A1E1C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:0.11.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"340D614F-7B0B-4CB3-AEF3-26360FADF67C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:0.12.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C71C7DAD-86D5-4E9B-9549-C9FBD48AE22C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:0.12.0:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"37E501EA-4C70-48F1-9822-5575AFAA8783\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:0.12.0:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"77FCC2AD-2FDA-484B-B4A6-D842404DEE59\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:0.12.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B48D2B63-5171-45E6-BF19-DFC63FA6683D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:0.12.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7750C948-7169-44F1-A834-AE52BFBDC701\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:0.12.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CD07B7AA-7237-44A9-B8BB-ACEC48BAFBEF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:0.12.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CD38AD65-FF40-431B-BA2C-D55A7D0737A0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:0.12.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"36233339-A9DF-4ACD-89A6-F79CB07E1568\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:0.13.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F385658D-5D5C-49E6-8C67-FE4321CDCE1D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:0.13.0:rc0:*:*:*:*:*:*\",\"matchCriteriaId\":\"0A74A421-6012-4BEC-802D-7A05D20AF285\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:0.13.0:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"EB41C21C-B250-40D1-ADC1-B03866794417\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:0.14.0:rc0:*:*:*:*:*:*\",\"matchCriteriaId\":\"8162E07B-718E-41B3-B19C-A933CC1E2710\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:0.14.0:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"A0229959-6909-482B-9446-68C9B3021510\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:0.14.0:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"7048A380-A251-42D7-B081-CDB38B6A27F1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:0.14.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6EA71FFE-E41F-4128-A598-EDF446D9A045\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:0.15.0:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"EE446FA1-FBB8-4B76-904C-F4664703BFBD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:0.15.0:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"80621FFA-6189-47CD-9A6A-1D5A781862AE\"}]}]}],\"references\":[{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2012-June/081972.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2012-02/msg00009.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2011-1531.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/45187\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/45188\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/45419\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/47157\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/47992\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://ubuntu.com/usn/usn-1177-1\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2011/07/12/15\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2011/07/12/5\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.osvdb.org/74752\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.securityfocus.com/bid/48659\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://bugs.launchpad.net/qemu/+bug/807893\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/68539\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://www.debian.org/security/2011/dsa-2282\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2012-June/081972.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2012-02/msg00009.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2011-1531.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/45187\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/45188\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/45419\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/47157\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/47992\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://ubuntu.com/usn/usn-1177-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2011/07/12/15\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2011/07/12/5\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.osvdb.org/74752\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/48659\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://bugs.launchpad.net/qemu/+bug/807893\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/68539\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.debian.org/security/2011/dsa-2282\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.