CVE-2013-4401

critical

Description

The virConnectDomainXMLToNative API function in libvirt 1.1.0 through 1.1.3 checks for the connect:read permission instead of the connect:write permission, which allows attackers to gain domain:write privileges and execute Qemu binaries via crafted XML. NOTE: some of these details are obtained from third party information.

References

https://bugzilla.redhat.com/show_bug.cgi?id=1015259

http://www.ubuntu.com/usn/USN-2026-1

http://www.securitytracker.com/id/1029241

http://wiki.libvirt.org/page/Maintenance_Releases

http://security.gentoo.org/glsa/glsa-201412-04.xml

http://secunia.com/advisories/60895

http://secunia.com/advisories/55210

http://libvirt.org/git/?p=libvirt.git%3Ba=commit%3Bh=57687fd6bf7f6e1b3662c52f3f26c06ab19dc96c

Details

Source: Mitre, NVD

Published: 2013-11-02

Risk Information

CVSS v2

Base Score: 8.5

Vector: CVSS2#AV:N/AC:M/Au:S/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical