Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redhatRedHatRHSA-2013:1100
HistoryJul 22, 2013 - 12:00 a.m.

(RHSA-2013:1100) Important: qemu-kvm security update

2013-07-2200:00:00
access.redhat.com
11

0.0004 Low

EPSS

Percentile

5.1%

JSON

KVM (Kernel-based Virtual Machine) is a full virtualization solution for
Linux on AMD64 and Intel 64 systems. qemu-kvm is the user-space component
for running virtual machines using KVM.

An unquoted search path flaw was found in the way the QEMU Guest Agent
service installation was performed on Windows. Depending on the permissions
of the directories in the unquoted search path, a local, unprivileged user
could use this flaw to have a binary of their choosing executed with SYSTEM
privileges. (CVE-2013-2231)

This issue was discovered by Lev Veyde of Red Hat.

All users of qemu-kvm should upgrade to these updated packages, which
contain backported patches to correct this issue. After installing this
update, shut down all running virtual machines. Once all virtual machines
have shut down, start them again for this update to take effect.

OSVersionArchitecturePackageVersionFilename
RedHat6x86_64qemu-kvm-tools< 0.12.1.2-2.355.el6_4.6qemu-kvm-tools-0.12.1.2-2.355.el6_4.6.x86_64.rpm
RedHat6srcqemu-kvm< 0.12.1.2-2.355.el6_4.6qemu-kvm-0.12.1.2-2.355.el6_4.6.src.rpm
RedHat6x86_64qemu-kvm< 0.12.1.2-2.355.el6_4.6qemu-kvm-0.12.1.2-2.355.el6_4.6.x86_64.rpm
RedHat6x86_64qemu-img< 0.12.1.2-2.355.el6_4.6qemu-img-0.12.1.2-2.355.el6_4.6.x86_64.rpm
RedHat6i686qemu-guest-agent< 0.12.1.2-2.355.el6_4.6qemu-guest-agent-0.12.1.2-2.355.el6_4.6.i686.rpm
RedHat6x86_64qemu-guest-agent-win32< 0.12.1.2-2.355.el6_4.6qemu-guest-agent-win32-0.12.1.2-2.355.el6_4.6.x86_64.rpm
RedHat6i686qemu-kvm-debuginfo< 0.12.1.2-2.355.el6_4.6qemu-kvm-debuginfo-0.12.1.2-2.355.el6_4.6.i686.rpm
RedHat6x86_64qemu-kvm-debuginfo< 0.12.1.2-2.355.el6_4.6qemu-kvm-debuginfo-0.12.1.2-2.355.el6_4.6.x86_64.rpm
RedHat6x86_64qemu-guest-agent< 0.12.1.2-2.355.el6_4.6qemu-guest-agent-0.12.1.2-2.355.el6_4.6.x86_64.rpm

Related

nessus 5
centos 1
oraclelinux 1
openvas 7
debiancve 1
redhat 1
veracode 1
cve 1
cvelist 1
mageia 1
prion 1
nvd 1
nessus
nessus
CentOS 6 : qemu-kvm (CESA-2013:1100)
2013-07-24 00:00:00
Oracle Linux 6 : qemu-kvm (ELSA-2013-1100)
2013-07-23 00:00:00
RHEL 6 : virtio-win (RHSA-2013:1101)
2013-07-23 00:00:00
centos
centos
qemu security update
2013-07-22 20:02:54
oraclelinux
oraclelinux
qemu-kvm security update
2013-07-22 00:00:00
openvas
openvas
CentOS Update for qemu-guest-agent CESA-2013:1100 centos6
2013-08-01 00:00:00
Mageia: Security Advisory (MGASA-2013-0235)
2022-01-28 00:00:00
Oracle: Security Advisory (ELSA-2013-1100)
2015-10-06 00:00:00
debiancve
debiancve
CVE-2013-2231
2013-10-01 17:55:03
redhat
redhat
(RHSA-2013:1101) Important: virtio-win security update
2013-07-22 00:00:00
veracode
veracode
Privilege Escalation
2019-01-15 08:56:42
cve
cve
CVE-2013-2231
2013-10-01 17:55:03
cvelist
cvelist
CVE-2013-2231
2013-10-01 17:00:00
mageia
mageia
Updated qemu package fixes CVE-2013-2231
2013-07-26 15:54:55
prion
prion
Design/Logic Flaw
2013-10-01 17:55:00
nvd
nvd
CVE-2013-2231
2013-10-01 17:55:03

0.0004 Low

EPSS

Percentile

5.1%

JSON
Related for RHSA-2013:1100
nessus5centos1oraclelinux1openvas7debiancve1redhat1veracode1cve1cvelist1mageia1prion1nvd1