CVE-2012-2652

EUVD-2012-2638
The bdrv_open function in Qemu 1.0 does not properly handle the failure of the mkstemp function, when in snapshot node, which allows local users to overwrite or read arbitrary files via a symlink attack on an unspecified temporary file.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.4 UNKNOWN
LOCAL
MEDIUM
AV:L/AC:M/Au:N/C:P/I:P/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 19%
Affected Products (NVD)
VendorProductVersion
qemuqemu
1.0
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
qemu
bookworm
1:7.2+dfsg-7+deb12u7
fixed
bullseye
1:5.2+dfsg-11+deb11u3
fixed
bullseye (security)
1:5.2+dfsg-11+deb11u2
fixed
sid
1:9.1.1+ds-2
fixed
trixie
1:9.1.1+ds-2
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
kvm
hardy
ignored
lucid
dne
natty
dne
oneiric
dne
precise
dne
qemu
hardy
ignored
lucid
dne
natty
dne
oneiric
dne
precise
dne
qemu-kvm
hardy
dne
lucid
Fixed 0.12.3+noroms-0ubuntu9.19
released
natty
Fixed 0.14.0+noroms-0ubuntu4.6
released
oneiric
Fixed 0.14.1+noroms-0ubuntu6.4
released
precise
Fixed 1.0+noroms-0ubuntu14.1
released
References
http://git.kernel.org/?p=virt/kvm/qemu-kvm.git%3Ba=commit%3Bh=eba25057b9a5e19d10ace2bc7716667a31297169
http://git.qemu.org/?p=qemu-stable-0.15.git%3Ba=log
http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00024.html
http://secunia.com/advisories/50132
http://secunia.com/advisories/50689
http://www.debian.org/security/2012/dsa-2545
http://www.securityfocus.com/bid/53725
http://www.ubuntu.com/usn/USN-1522-1
http://git.kernel.org/?p=virt/kvm/qemu-kvm.git%3Ba=commit%3Bh=eba25057b9a5e19d10ace2bc7716667a31297169
http://git.qemu.org/?p=qemu-stable-0.15.git%3Ba=log
http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00024.html
http://secunia.com/advisories/50132
http://secunia.com/advisories/50689
http://www.debian.org/security/2012/dsa-2545
http://www.securityfocus.com/bid/53725
http://www.ubuntu.com/usn/USN-1522-1