CVE-2010-2238
published 2010-08-19CVE-2010-2238: Red Hat libvirt, possibly 0.7.2 through 0.8.2, recurses into disk-image backing stores without extracting the defined disk backing-store format, which might…
medium4.4CVSS 3.1
AVLACMAuSCCINAN
Red Hat libvirt, possibly 0.7.2 through 0.8.2, recurses into disk-image backing stores without extracting the defined disk backing-store format, which might allow guest OS users to read arbitrary files on the host OS, and possibly have unspecified other impact, via unknown vectors.
Affected
22 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | libvirt | < libvirt 0.9.1-2 (bookworm) | libvirt 0.9.1-2 (bookworm) |
| debian | libvirt | < libvirt 0.8.3-1 (bookworm) | libvirt 0.8.3-1 (bookworm) |
| libvirt | libvirt | — | — |
| libvirt | libvirt | — | — |
| libvirt | libvirt | — | — |
| libvirt | libvirt | — | — |
| libvirt | libvirt | — | — |
| libvirt | libvirt | — | — |
| libvirt | libvirt | — | — |
| libvirt | libvirt | — | — |
| libvirt | libvirt | — | — |
| redhat | libvirt | — | — |
| redhat | libvirt | — | — |
| redhat | libvirt | — | — |
| redhat | libvirt | >= 0 < 0.8.3-1 | 0.8.3-1 |
| redhat | libvirt | >= 0 < 0.9.1-2 | 0.9.1-2 |
| redhat | libvirt | >= 0 < 0.8.3-1 | 0.8.3-1 |
| redhat | libvirt | >= 0 < 0.9.1-2 | 0.9.1-2 |
| redhat | libvirt | >= 0 < 0.8.3-1 | 0.8.3-1 |
| redhat | libvirt | >= 0 < 0.9.1-2 | 0.9.1-2 |
| redhat | libvirt | >= 0 < 0.8.3-1 | 0.8.3-1 |
| redhat | libvirt | >= 0 < 0.9.1-2 | 0.9.1-2 |
CVSS provenance
nvd4.4MEDIUMAV:L/AC:M/Au:S/C:C/I:N/A:N
osv4.4MEDIUM