Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2013-4311HistoryOct 03, 2013 - 9:55 p.m.
CVE-2013-4311
2013-10-0321:55:00
Debian Security Bug Tracker
security-tracker.debian.org
14
4.6 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
0.0004 Low
EPSS
Percentile
5.3%
libvirt 1.0.5.x before 1.0.5.6, 0.10.2.x before 0.10.2.8, and 0.9.12.x before 0.9.12.2 allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition in pkcheck via a (1) setuid process or (2) pkexec process, a related issue to CVE-2013-4288.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | libvirt | < 1.1.3~rc1-1 | libvirt_1.1.3~rc1-1_all.deb |
| Debian | 11 | all | libvirt | < 1.1.3~rc1-1 | libvirt_1.1.3~rc1-1_all.deb |
| Debian | 10 | all | libvirt | < 1.1.3~rc1-1 | libvirt_1.1.3~rc1-1_all.deb |
| Debian | 999 | all | libvirt | < 1.1.3~rc1-1 | libvirt_1.1.3~rc1-1_all.deb |
| Debian | 13 | all | libvirt | < 1.1.3~rc1-1 | libvirt_1.1.3~rc1-1_all.deb |
Related
prion
prion
cve
cve
ubuntucve
ubuntucve
gentoo
gentoo
polkit, Spice-Gtk, systemd, HPLIP, libvirt: Privilege escalation
2014-06-26 00:00:00
nessus
nessus
GLSA-201406-27 : polkit, Spice-Gtk, systemd, HPLIP, libvirt: Privilege escalation
2014-06-27 00:00:00
Oracle Linux 6 : polkit (ELSA-2013-1270)
2013-09-20 00:00:00
openSUSE Security Update : systemd (openSUSE-SU-2013:1527-1)
2014-06-13 00:00:00
openvas
openvas
Gentoo Security Advisory GLSA 201406-27
2015-09-29 00:00:00
Fedora Update for polkit FEDORA-2013-17191
2013-09-24 00:00:00
Fedora Update for polkit FEDORA-2013-17197
2013-09-24 00:00:00
veracode
veracode
Privilege Escalation
2019-01-15 08:59:31
Privilege Escalation
2019-05-02 04:52:27
Authorization Bypass
2019-01-15 08:59:41
debiancve
debiancve
centos
centos
polkit security update
2013-09-20 02:25:01
libvirt security update
2013-09-20 02:24:43
redhat
redhat
(RHSA-2013:1270) Important: polkit security update
2013-09-19 00:00:00
(RHSA-2013:1460) Important: rhev-hypervisor6 security and bug fix update
2013-10-29 00:00:00
(RHSA-2013:1272) Important: libvirt security and bug fix update
2013-09-19 00:00:00
fedora
fedora
[SECURITY] Fedora 18 Update: polkit-0.107-6.fc18
2013-09-22 04:28:15
[SECURITY] Fedora 20 Update: polkit-0.112-1.fc20
2013-09-23 00:12:34
[SECURITY] Fedora 19 Update: polkit-0.112-1.fc19
2013-09-20 16:22:44
ubuntu
ubuntu
polkit vulnerability
2013-09-18 00:00:00
libvirt vulnerabilities
2013-09-18 00:00:00
oraclelinux
oraclelinux
libvirt security and bug fix update
2013-09-19 00:00:00
polkit security update
2013-09-19 00:00:00
securityvulns
securityvulns
libvirt memory corruption
2013-10-02 00:00:00
PolicyKit protection bypass
2013-10-01 00:00:00
[ MDVSA-2013:243 ] polkit
2013-10-01 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 8 package libvirt version 1.1.3-alt1
2013-10-01 00:00:00
mageia
mageia
Updated libvirt package fixes security vulnerabilities
2013-10-05 21:55:44
osv
osv
4.6 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
0.0004 Low
EPSS
Percentile
5.3%
Related for DEBIANCVE:CVE-2013-4311