SUSE CVE-2012-2652

The bdrvopen function in Qemu 1.0 does not properly handle the failure of the mkstemp function, when in snapshot node, which allows local users to overwrite or read arbitrary files via a symlink attack on an unspecified temporary file...

Mandriva Linux Security Advisory : qemu (MDVSA-2013:121)

Updated qemu packages fix security vulnerability : A flaw was found in how qemu, in snapshot mode -snapshot command line argument, handled the creation and opening of the temporary file used to store the difference of the virtualized guest's read-only image and the current state. In snapshot mode...

qemu-kvm: Multiple vulnerabilities

Background qemu-kvm provides QEMU and Kernel-based Virtual Machine userland tools. Description Multiple vulnerabilities have been discovered in qemu-kvm. Please review the CVE identifiers referenced below for details. Impact These vulnerabilities allow a remote attacker to cause a Denial of Servi...

Debian DSA-2542-1 : qemu-kvm - multiple vulnerabilities

Multiple vulnerabilities have been discovered in KVM, a full virtualization solution on x86 hardware. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2012-2652 : The snapshot mode of QEMU -snapshot incorrectly handles temporary files used to store the...

DSA-2542-1 qemu-kvm - multiple

Bulletin has no description...

DEBIAN-CVE-2012-2652

The bdrvopen function in Qemu 1.0 does not properly handle the failure of the mkstemp function, when in snapshot node, which allows local users to overwrite or read arbitrary files via a symlink attack on an unspecified temporary file...

PT-2012-4162 · Qemu · Qemu

Name of the Vulnerable Software and Affected Versions: Qemu version 1.0 Description: The issue arises from the bdrv open function in Qemu, which fails to properly handle the failure of the mkstemp function when in snapshot node. This allows local users to overwrite or read arbitrary files via a...