Closed
Opened Jun 03, 2013 by Peter Kotcauer (@kocka)

qemu CVE-2013-2007: guest agent creates files with insecure permissions in daemon mode

references:
http://www.openwall.com/lists/oss-security/2013/05/06/5
https://bugzilla.redhat.com/show_bug.cgi?id=956082#c6

upstream fix: http://git.qemu.org/?p=qemu.git;a=commit;h=c689b4f1bac352dcfd6ecb9a1d45337de0f1de67

Description:

The upstream qemu guest agent creates files with insecure permissions when started in daemon mode, which could potentially lead to local privilege escalation.

The Red Hat Enterprise Linux 6 qemu-ga, when started in daemon mode, creates log files in /var/log/ world-writable, allowing anyone on the system to wipe the contents of the log file or to store data within the log file. An unprivileged guest user could use this flaw to consume all free space on the partition with the qemu-ga log file, or modify the contents of the log. When a UNIX domain socket transport was explicitly configured to be used (non-default), an unprivileged guest user could potentially use this flaw to escalate their privileges in the guest.

Acknowledgements:

This issue was discovered by Laszlo Ersek of Red Hat.

(from redmine: issue id 2059, created on 2013-06-03, closed on 2013-06-06)
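The failure mode described above, as an added example that is not part of the original issue and is not QEMU's code: it assumes the daemon clears its umask before creating its log file (a common daemonization pattern; the issue text does not state the cause) and contrasts that with a restrictive umask plus an explicit owner-only mode. The function names and temporary paths are constructed for the illustration.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>
/* Permission bits of path, or -1 on error. */
static int mode_of(const char *path) {
    struct stat st;
    return stat(path, &st) == 0 ? (int)(st.st_mode & 07777) : -1;
}

/* Insecure pattern (assumed, see lead-in): the daemon clears its umask and
 * lets fopen() create the log; fopen() requests 0666, so 0666 is the result. */
int create_log_insecure(const char *path) {
    mode_t old = umask(0);
    FILE *f = fopen(path, "a");
    umask(old);                /* restore so the demo does not leak state */
    if (!f) return -1;
    fclose(f);
    return mode_of(path);
}

/* Hardened pattern: restrictive umask plus an explicit owner-only mode.
 * O_NOFOLLOW refuses a symlink planted at the log path. */
int create_log_hardened(const char *path) {
    mode_t old = umask(S_IRWXG | S_IRWXO);
    int fd = open(path, O_WRONLY | O_APPEND | O_CREAT | O_NOFOLLOW,
                  S_IRUSR | S_IWUSR);
    umask(old);
    if (fd < 0) return -1;
    close(fd);
    return mode_of(path);
}

/* Audit check: nonzero when "other" has write permission on path. */
int is_world_writable(const char *path) {
    int m = mode_of(path);
    return m >= 0 && (m & S_IWOTH) != 0;
}

int main(void) {
    char dir[] = "/tmp/qga-demo-XXXXXX", a[64], b[64];
    if (!mkdtemp(dir)) return 1;
    snprintf(a, sizeof a, "%s/insecure.log", dir);
    snprintf(b, sizeof b, "%s/hardened.log", dir);
    printf("insecure %04o\n", (unsigned)create_log_insecure(a));
    printf("hardened %04o\n", (unsigned)create_log_hardened(b));
    unlink(a); unlink(b); rmdir(dir);
    return 0;
}
```

`is_world_writable()` can be pointed at an existing log path to check whether a host still carries a file created the insecure way, since fixing the daemon does not change the mode of files it created earlier.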

  • Relations:
    • child #2060 (closed)
    • child #2061 (closed)
    • child #2062 (closed)
    • child #2063 (closed)
  • Changesets:
    • Revision 0a719315 by Natanael Copa on 2013-06-05T11:30:09Z:
      main/qemu: fix 2013-2007

      ref #2059
      fixes #2061
    • Revision 563e2f3d by Natanael Copa on 2013-06-05T12:02:17Z:
      main/qemu: security fix CVE-2013-2007

      ref #2059
      fixes #2063
    • Revision ef7cc55e by Natanael Copa on 2013-06-05T13:01:01Z:
      main/qemu: security fix CVE-2013-2007

      ref #2059
      fixes #2062
Reference: alpine/aports#2059