Lucene search
UbuntuUSN-1177-1HistoryJul 27, 2011 - 12:00 a.m.
QEMU vulnerability
2011-07-2700:00:00
ubuntu.com
36
6 Medium
AI Score
Confidence
Low
2.1 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
0.001 Low
EPSS
Percentile
27.2%
Releases
- Ubuntu 11.04
- Ubuntu 10.10
- Ubuntu 10.04
Packages
- qemu-kvm - Machine emulator and virtualizer
Details
Andrew Griffiths discovered that QEMU did not correctly drop privileges
when using the ‘runas’ argument. Under certain circumstances a local
attacker could exploit this to escalate privileges.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 11.04 | noarch | qemu-kvm | < 0.14.0+noroms-0ubuntu4.4 | UNKNOWN |
| Ubuntu | 11.04 | noarch | kvm | < 1:84+dfsg-0ubuntu16+0.14.0+noroms+0ubuntu4.4 | UNKNOWN |
| Ubuntu | 11.04 | noarch | qemu | < 0.14.0+noroms-0ubuntu4.4 | UNKNOWN |
| Ubuntu | 10.10 | noarch | qemu-kvm | < 0.12.5+noroms-0ubuntu7.10 | UNKNOWN |
| Ubuntu | 10.10 | noarch | kvm | < 1:84+dfsg-0ubuntu16+0.12.5+noroms+0ubuntu7.10 | UNKNOWN |
| Ubuntu | 10.10 | noarch | qemu | < 0.12.5+noroms-0ubuntu7.10 | UNKNOWN |
| Ubuntu | 10.10 | noarch | qemu-arm-static | < 0.12.5+noroms-0ubuntu7.10 | UNKNOWN |
| Ubuntu | 10.10 | noarch | qemu-kvm-extras | < 0.12.5+noroms-0ubuntu7.10 | UNKNOWN |
| Ubuntu | 10.10 | noarch | qemu-kvm-extras-static | < 0.12.5+noroms-0ubuntu7.10 | UNKNOWN |
| Ubuntu | 10.04 | noarch | qemu-kvm | < 0.12.3+noroms-0ubuntu9.15 | UNKNOWN |
References
Related
openvas
openvas
Ubuntu Update for qemu-kvm USN-1177-1
2011-08-02 00:00:00
RedHat Update for qemu-kvm RHSA-2011:1531-03
2012-07-09 00:00:00
Oracle: Security Advisory (ELSA-2011-1531)
2015-10-06 00:00:00
veracode
veracode
Privilege Escalation
2020-04-10 01:05:48
redhat
redhat
prion
prion
Design/Logic Flaw
2012-06-21 15:55:00
nessus
nessus
Oracle Linux 6 : qemu-kvm (ELSA-2011-1531)
2023-09-07 00:00:00
RHEL 6 : qemu-kvm (RHSA-2011:1531)
2013-01-24 00:00:00
Ubuntu 10.04 LTS / 10.10 / 11.04 : qemu-kvm vulnerability (USN-1177-1)
2011-07-28 00:00:00
ubuntucve
ubuntucve
CVE-2011-2527
2011-07-26 00:00:00
cve
cve
CVE-2011-2527
2012-06-21 15:55:00
osv
osv
qemu-kvm - several
2011-07-25 00:00:00
debian
debian
[SECURITY] [DSA 2282-1] qemu-kvm security update
2011-07-25 10:14:19
securityvulns
securityvulns
[SECURITY] [DSA 2282-1] qemu-kvm security update
2011-07-26 00:00:00
kvm code execution
2011-07-26 00:00:00
oraclelinux
oraclelinux
qemu-kvm security, bug fix, and enhancement update
2011-12-14 00:00:00
fedora
fedora
[SECURITY] Fedora 15 Update: qemu-0.14.0-9.fc15
2012-06-07 23:07:08
6 Medium
AI Score
Confidence
Low
2.1 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
0.001 Low
EPSS
Percentile
27.2%
Related for USN-1177-1