CVE-2013-1766: libvirt 1.0.2 and earlier sets the group owner to kvm for device files, which allows local users to write to these files via unspecified vectors.

low3.6CVSS 3.1

AVLACLAuNCNIPAP

libvirt 1.0.2 and earlier sets the group owner to kvm for device files, which allows local users to write to these files via unspecified vectors.

77 ranges· showing 25

Vendor	Product	Version range	Fixed in
debian	libvirt	< libvirt 0.9.12-8 (bookworm)	libvirt 0.9.12-8 (bookworm)
redhat	libvirt	<= 1.0.2	—
redhat	libvirt	—	—
redhat	libvirt	—	—
redhat	libvirt	—	—
redhat	libvirt	—	—
redhat	libvirt	—	—
redhat	libvirt	—	—
redhat	libvirt	—	—
redhat	libvirt	—	—
redhat	libvirt	—	—
redhat	libvirt	—	—
redhat	libvirt	—	—
redhat	libvirt	—	—
redhat	libvirt	—	—
redhat	libvirt	—	—
redhat	libvirt	—	—
redhat	libvirt	—	—
redhat	libvirt	—	—
redhat	libvirt	—	—
redhat	libvirt	—	—
redhat	libvirt	—	—
redhat	libvirt	—	—
redhat	libvirt	—	—
redhat	libvirt	—	—

nvd3.6LOWAV:L/AC:L/Au:N/C:N/I:P/A:P

osv3.6LOW