CVE-2013-1766

libvirt 1.0.2 and earlier sets the group owner to kvm for device files, which allows local users to write to these files via unspecified vectors.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
3.6 UNKNOWN
LOCAL
LOW
AV:L/AC:L/Au:N/C:N/I:P/A:P
redhatCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 17%
VendorProductVersion
redhatlibvirt
𝑥
≤ 1.0.2
redhatlibvirt
0.0.1
redhatlibvirt
0.0.2
redhatlibvirt
0.0.3
redhatlibvirt
0.0.4
redhatlibvirt
0.0.5
redhatlibvirt
0.0.6
redhatlibvirt
0.1.0
redhatlibvirt
0.1.1
redhatlibvirt
0.1.3
redhatlibvirt
0.1.4
redhatlibvirt
0.1.5
redhatlibvirt
0.1.6
redhatlibvirt
0.1.7
redhatlibvirt
0.1.8
redhatlibvirt
0.1.9
redhatlibvirt
0.2.0
redhatlibvirt
0.2.1
redhatlibvirt
0.2.2
redhatlibvirt
0.2.3
redhatlibvirt
0.3.0
redhatlibvirt
0.3.1
redhatlibvirt
0.3.2
redhatlibvirt
0.3.3
redhatlibvirt
0.4.0
redhatlibvirt
0.4.1
redhatlibvirt
0.4.2
redhatlibvirt
0.4.3
redhatlibvirt
0.4.4
redhatlibvirt
0.4.5
redhatlibvirt
0.4.6
redhatlibvirt
0.5.0
redhatlibvirt
0.5.1
redhatlibvirt
0.6.0
redhatlibvirt
0.6.1
redhatlibvirt
0.6.2
redhatlibvirt
0.6.3
redhatlibvirt
0.6.4
redhatlibvirt
0.6.5
redhatlibvirt
0.7.0
redhatlibvirt
0.7.1
redhatlibvirt
0.7.2
redhatlibvirt
0.7.3
redhatlibvirt
0.7.4
redhatlibvirt
0.7.5
redhatlibvirt
0.7.6
redhatlibvirt
0.7.7
redhatlibvirt
0.8.0
redhatlibvirt
0.8.1
redhatlibvirt
0.8.2
redhatlibvirt
0.8.3
redhatlibvirt
0.8.4
redhatlibvirt
0.8.5
redhatlibvirt
0.8.6
redhatlibvirt
0.8.7
redhatlibvirt
0.8.8
redhatlibvirt
0.9.0
redhatlibvirt
0.9.1
redhatlibvirt
0.9.2
redhatlibvirt
0.9.3
redhatlibvirt
0.9.4
redhatlibvirt
0.9.5
redhatlibvirt
0.9.6
redhatlibvirt
0.9.7
redhatlibvirt
0.9.8
redhatlibvirt
0.9.9
redhatlibvirt
0.9.10
redhatlibvirt
0.9.11
redhatlibvirt
0.9.12
redhatlibvirt
0.9.13
redhatlibvirt
1.0.0
redhatlibvirt
1.0.1
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
libvirt
bullseye
7.0.0-3+deb11u3
fixed
bookworm
9.0.0-4+deb12u1
fixed
sid
10.9.0-1
fixed
trixie
10.9.0-1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
libvirt
quantal
ignored
precise
ignored
oneiric
ignored
lucid
not-affected
hardy
ignored
Common Weakness Enumeration
References
http://secunia.com/advisories/52628
http://www.debian.org/security/2013/dsa-2650
http://www.securityfocus.com/bid/58178
http://secunia.com/advisories/52628
http://www.debian.org/security/2013/dsa-2650
http://www.securityfocus.com/bid/58178