libvirt 1.0.5.x prior to 1.0.5.6, 0.10.2.x prior to 0.10.2.8, and 0.9.12.x prior to 0.9.12.2 allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition in pkcheck via a (1) setuid process or (2) pkexec process, a related issue to CVE-2013-4288.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
redhat libvirt 0.10.2.5 |
||
redhat libvirt 0.10.2.6 |
||
redhat libvirt 1.0.5 |
||
redhat libvirt 0.9.12 |
||
redhat libvirt 0.10.2 |
||
redhat libvirt 0.10.2.1 |
||
redhat libvirt 0.10.2.2 |
||
redhat libvirt 1.0.5.4 |
||
redhat libvirt 1.0.5.3 |
||
redhat libvirt 0.10.2.7 |
||
redhat libvirt 1.0.5.5 |
||
redhat libvirt 0.10.2.3 |
||
redhat libvirt 0.10.2.4 |
||
redhat libvirt 1.0.5.2 |
||
redhat libvirt 1.0.5.1 |
||
canonical ubuntu linux 12.04 |
||
canonical ubuntu linux 10.04 |
||
canonical ubuntu linux 13.04 |
||
canonical ubuntu linux 12.10 |
||
redhat enterprise linux 6.0 |