Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2013-1922

qemu-nbd in QEMU, as used in Xen 4.2.x, determines the format of a raw disk image based on the header, which allows local guest OS administrators to read arbitrary files on the host by modifying the header to identify a different format, which is used when the guest is restarted, a different vulnerability than CVE-2008-2004.

Related bugs and status

CVE-2013-1922 (Candidate) is related to these bugs:

Bug #1180397: [MRE] Xen stable update to 4.2.2

Summary				In	Importance	Status
	1180397	[MRE] Xen stable update to 4.2.2		xen (Ubuntu)	Low	Fix Released
	1180397	[MRE] Xen stable update to 4.2.2		xen (Ubuntu Raring)	Low	Fix Released

See the

CVE page on Mitre.org for more details.

References

MISC: http://www.securitytra...
MISC: http://secunia.com/adv...
MISC: http://lists.fedorapro...
MISC: http://lists.fedorapro...
MISC: http://lists.fedorapro...
MISC: http://security.gentoo...
MISC: http://www.openwall.co...
MISC: http://www.openwall.co...