ID CVE-2012-2690
Summary virt-edit in libguestfs before 1.18.0 does not preserve the permissions from the original file and saves the new file with world-readable permissions when editing, which might allow local guest users to obtain sensitive information.
References
Vulnerable Configurations
  • libguestfs 1.17.42
    cpe:2.3:a:libguestfs:libguestfs:1.17.42
  • libguestfs 1.17.41
    cpe:2.3:a:libguestfs:libguestfs:1.17.41
  • libguestfs 1.17.40
    cpe:2.3:a:libguestfs:libguestfs:1.17.40
  • libguestfs 1.17.39
    cpe:2.3:a:libguestfs:libguestfs:1.17.39
  • libguestfs 1.17.38
    cpe:2.3:a:libguestfs:libguestfs:1.17.38
  • libguestfs 1.17.37
    cpe:2.3:a:libguestfs:libguestfs:1.17.37
  • libguestfs 1.17.36
    cpe:2.3:a:libguestfs:libguestfs:1.17.36
  • libguestfs 1.17.35
    cpe:2.3:a:libguestfs:libguestfs:1.17.35
  • libguestfs 1.17.34
    cpe:2.3:a:libguestfs:libguestfs:1.17.34
  • libguestfs 1.17.33
    cpe:2.3:a:libguestfs:libguestfs:1.17.33
  • libguestfs 1.17.32
    cpe:2.3:a:libguestfs:libguestfs:1.17.32
  • libguestfs 1.17.31
    cpe:2.3:a:libguestfs:libguestfs:1.17.31
  • libguestfs 1.17.30
    cpe:2.3:a:libguestfs:libguestfs:1.17.30
  • libguestfs 1.17.29
    cpe:2.3:a:libguestfs:libguestfs:1.17.29
  • libguestfs 1.17.28
    cpe:2.3:a:libguestfs:libguestfs:1.17.28
  • libguestfs 1.17.27
    cpe:2.3:a:libguestfs:libguestfs:1.17.27
  • libguestfs 1.17.26
    cpe:2.3:a:libguestfs:libguestfs:1.17.26
  • libguestfs 1.17.25
    cpe:2.3:a:libguestfs:libguestfs:1.17.25
  • libguestfs 1.17.24
    cpe:2.3:a:libguestfs:libguestfs:1.17.24
  • libguestfs 1.17.23
    cpe:2.3:a:libguestfs:libguestfs:1.17.23
  • libguestfs 1.17.22
    cpe:2.3:a:libguestfs:libguestfs:1.17.22
  • libguestfs 1.17.21
    cpe:2.3:a:libguestfs:libguestfs:1.17.21
  • libguestfs 1.17.20
    cpe:2.3:a:libguestfs:libguestfs:1.17.20
  • libguestfs 1.17.19
    cpe:2.3:a:libguestfs:libguestfs:1.17.19
  • libguestfs 1.17.18
    cpe:2.3:a:libguestfs:libguestfs:1.17.18
  • libguestfs 1.17.17
    cpe:2.3:a:libguestfs:libguestfs:1.17.17
  • libguestfs 1.17.16
    cpe:2.3:a:libguestfs:libguestfs:1.17.16
  • libguestfs 1.17.15
    cpe:2.3:a:libguestfs:libguestfs:1.17.15
  • libguestfs 1.17.14
    cpe:2.3:a:libguestfs:libguestfs:1.17.14
  • libguestfs 1.17.13
    cpe:2.3:a:libguestfs:libguestfs:1.17.13
  • libguestfs 1.17.12
    cpe:2.3:a:libguestfs:libguestfs:1.17.12
  • libguestfs 1.17.11
    cpe:2.3:a:libguestfs:libguestfs:1.17.11
  • libguestfs 1.17.10
    cpe:2.3:a:libguestfs:libguestfs:1.17.10
  • libguestfs 1.17.9
    cpe:2.3:a:libguestfs:libguestfs:1.17.9
  • libguestfs 1.17.8
    cpe:2.3:a:libguestfs:libguestfs:1.17.8
  • libguestfs 1.17.7
    cpe:2.3:a:libguestfs:libguestfs:1.17.7
  • libguestfs 1.17.6
    cpe:2.3:a:libguestfs:libguestfs:1.17.6
  • libguestfs 1.17.5
    cpe:2.3:a:libguestfs:libguestfs:1.17.5
  • libguestfs 1.17.4
    cpe:2.3:a:libguestfs:libguestfs:1.17.4
  • libguestfs 1.17.3
    cpe:2.3:a:libguestfs:libguestfs:1.17.3
  • libguestfs 1.17.2
    cpe:2.3:a:libguestfs:libguestfs:1.17.2
  • libguestfs 1.17.1
    cpe:2.3:a:libguestfs:libguestfs:1.17.1
  • libguestfs 1.17.0
    cpe:2.3:a:libguestfs:libguestfs:1.17.0
  • libguestfs 1.17.43
    cpe:2.3:a:libguestfs:libguestfs:1.17.43
  • libguestfs 1.16.26
    cpe:2.3:a:libguestfs:libguestfs:1.16.26
  • libguestfs 1.16.25
    cpe:2.3:a:libguestfs:libguestfs:1.16.25
  • libguestfs 1.16.24
    cpe:2.3:a:libguestfs:libguestfs:1.16.24
  • libguestfs 1.16.23
    cpe:2.3:a:libguestfs:libguestfs:1.16.23
  • libguestfs 1.16.22
    cpe:2.3:a:libguestfs:libguestfs:1.16.22
  • libguestfs 1.16.21
    cpe:2.3:a:libguestfs:libguestfs:1.16.21
  • libguestfs 1.16.20
    cpe:2.3:a:libguestfs:libguestfs:1.16.20
  • libguestfs 1.16.19
    cpe:2.3:a:libguestfs:libguestfs:1.16.19
  • libguestfs 1.16.18
    cpe:2.3:a:libguestfs:libguestfs:1.16.18
  • libguestfs 1.16.17
    cpe:2.3:a:libguestfs:libguestfs:1.16.17
  • libguestfs 1.16.16
    cpe:2.3:a:libguestfs:libguestfs:1.16.16
  • libguestfs 1.16.15
    cpe:2.3:a:libguestfs:libguestfs:1.16.15
  • libguestfs 1.16.14
    cpe:2.3:a:libguestfs:libguestfs:1.16.14
  • libguestfs 1.16.13
    cpe:2.3:a:libguestfs:libguestfs:1.16.13
  • libguestfs 1.16.12
    cpe:2.3:a:libguestfs:libguestfs:1.16.12
  • libguestfs 1.16.11
    cpe:2.3:a:libguestfs:libguestfs:1.16.11
  • libguestfs 1.16.10
    cpe:2.3:a:libguestfs:libguestfs:1.16.10
  • libguestfs 1.16.9
    cpe:2.3:a:libguestfs:libguestfs:1.16.9
  • libguestfs 1.16.8
    cpe:2.3:a:libguestfs:libguestfs:1.16.8
  • libguestfs 1.16.7
    cpe:2.3:a:libguestfs:libguestfs:1.16.7
  • libguestfs 1.16.6
    cpe:2.3:a:libguestfs:libguestfs:1.16.6
  • libguestfs 1.16.5
    cpe:2.3:a:libguestfs:libguestfs:1.16.5
  • libguestfs 1.16.4
    cpe:2.3:a:libguestfs:libguestfs:1.16.4
  • libguestfs 1.16.3
    cpe:2.3:a:libguestfs:libguestfs:1.16.3
  • libguestfs 1.16.2
    cpe:2.3:a:libguestfs:libguestfs:1.16.2
  • libguestfs 1.16.1
    cpe:2.3:a:libguestfs:libguestfs:1.16.1
  • libguestfs 1.16.0
    cpe:2.3:a:libguestfs:libguestfs:1.16.0
CVSS
Base: 2.1 (as of 02-07-2012 - 10:44)
Impact:
Exploitability:
CWE CWE-255
CAPEC
Access
Vector: LOCAL | Complexity: LOW | Authentication: NONE
Impact
Confidentiality: PARTIAL | Integrity: NONE | Availability: NONE
nessus via4
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2012-0774.NASL
    description Updated libguestfs packages that fix one security issue, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. libguestfs is a library for accessing and modifying guest disk images. It was found that editing files with virt-edit left said files in a world-readable state (and did not preserve the file owner or Security-Enhanced Linux context). If an administrator on the host used virt-edit to edit a file inside a guest, the file would be left with world-readable permissions. This could lead to unprivileged guest users accessing files they would otherwise be unable to. (CVE-2012-2690) These updated libguestfs packages include numerous bug fixes and enhancements. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat Enterprise Linux 6.3 Technical Notes for information on the most significant of these changes. Users of libguestfs are advised to upgrade to these updated packages, which fix these issues and add these enhancements.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 59919
    published 2012-07-11
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=59919
    title CentOS 6 : libguestfs (CESA-2012:0774)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2012-0774.NASL
    description Updated libguestfs packages that fix one security issue, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. libguestfs is a library for accessing and modifying guest disk images. It was found that editing files with virt-edit left said files in a world-readable state (and did not preserve the file owner or Security-Enhanced Linux context). If an administrator on the host used virt-edit to edit a file inside a guest, the file would be left with world-readable permissions. This could lead to unprivileged guest users accessing files they would otherwise be unable to. (CVE-2012-2690) These updated libguestfs packages include numerous bug fixes and enhancements. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat Enterprise Linux 6.3 Technical Notes for information on the most significant of these changes. Users of libguestfs are advised to upgrade to these updated packages, which fix these issues and add these enhancements.
    last seen 2019-02-21
    modified 2018-12-20
    plugin id 64040
    published 2013-01-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=64040
    title RHEL 6 : libguestfs (RHSA-2012:0774)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20120620_LIBGUESTFS_ON_SL6_X.NASL
    description libguestfs is a library for accessing and modifying guest disk images. It was found that editing files with virt-edit left said files in a world-readable state (and did not preserve the file owner or Security-Enhanced Linux context). If an administrator on the host used virt-edit to edit a file inside a guest, the file would be left with world-readable permissions. This could lead to unprivileged guest users accessing files they would otherwise be unable to. (CVE-2012-2690) These updated libguestfs packages include numerous bug fixes and enhancements. Users of libguestfs are advised to upgrade to these updated packages, which fix these issues and add these enhancements.
    last seen 2019-02-21
    modified 2018-12-31
    plugin id 61339
    published 2012-08-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=61339
    title Scientific Linux Security Update : libguestfs on SL6.x x86_64
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2012-0774.NASL
    description From Red Hat Security Advisory 2012:0774 : Updated libguestfs packages that fix one security issue, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. libguestfs is a library for accessing and modifying guest disk images. It was found that editing files with virt-edit left said files in a world-readable state (and did not preserve the file owner or Security-Enhanced Linux context). If an administrator on the host used virt-edit to edit a file inside a guest, the file would be left with world-readable permissions. This could lead to unprivileged guest users accessing files they would otherwise be unable to. (CVE-2012-2690) These updated libguestfs packages include numerous bug fixes and enhancements. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat Enterprise Linux 6.3 Technical Notes for information on the most significant of these changes. Users of libguestfs are advised to upgrade to these updated packages, which fix these issues and add these enhancements.
    last seen 2019-02-21
    modified 2018-07-18
    plugin id 68548
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=68548
    title Oracle Linux 6 : libguestfs (ELSA-2012-0774)
redhat via4
advisories
bugzilla
id 831117
title CVE-2012-2690 libguestfs: virt-edit creates a new file, when it is used leading to loss of file attributes (permissions, owner, SELinux context etc.)
oval
AND
  • OR
    • comment Red Hat Enterprise Linux 6 Client is installed
      oval oval:com.redhat.rhba:tst:20111656001
    • comment Red Hat Enterprise Linux 6 Server is installed
      oval oval:com.redhat.rhba:tst:20111656002
    • comment Red Hat Enterprise Linux 6 Workstation is installed
      oval oval:com.redhat.rhba:tst:20111656003
    • comment Red Hat Enterprise Linux 6 ComputeNode is installed
      oval oval:com.redhat.rhba:tst:20111656004
  • OR
    • AND
      • comment libguestfs is earlier than 1:1.16.19-1.el6
        oval oval:com.redhat.rhsa:tst:20120774005
      • comment libguestfs is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20110586006
    • AND
      • comment libguestfs-devel is earlier than 1:1.16.19-1.el6
        oval oval:com.redhat.rhsa:tst:20120774017
      • comment libguestfs-devel is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20110586008
    • AND
      • comment libguestfs-java is earlier than 1:1.16.19-1.el6
        oval oval:com.redhat.rhsa:tst:20120774013
      • comment libguestfs-java is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20110586018
    • AND
      • comment libguestfs-java-devel is earlier than 1:1.16.19-1.el6
        oval oval:com.redhat.rhsa:tst:20120774015
      • comment libguestfs-java-devel is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20110586028
    • AND
      • comment libguestfs-javadoc is earlier than 1:1.16.19-1.el6
        oval oval:com.redhat.rhsa:tst:20120774019
      • comment libguestfs-javadoc is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20110586012
    • AND
      • comment libguestfs-tools is earlier than 1:1.16.19-1.el6
        oval oval:com.redhat.rhsa:tst:20120774023
      • comment libguestfs-tools is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20110586010
    • AND
      • comment libguestfs-tools-c is earlier than 1:1.16.19-1.el6
        oval oval:com.redhat.rhsa:tst:20120774027
      • comment libguestfs-tools-c is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20110586020
    • AND
      • comment ocaml-libguestfs is earlier than 1:1.16.19-1.el6
        oval oval:com.redhat.rhsa:tst:20120774007
      • comment ocaml-libguestfs is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20110586014
    • AND
      • comment ocaml-libguestfs-devel is earlier than 1:1.16.19-1.el6
        oval oval:com.redhat.rhsa:tst:20120774021
      • comment ocaml-libguestfs-devel is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20110586030
    • AND
      • comment perl-Sys-Guestfs is earlier than 1:1.16.19-1.el6
        oval oval:com.redhat.rhsa:tst:20120774011
      • comment perl-Sys-Guestfs is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20110586024
    • AND
      • comment python-libguestfs is earlier than 1:1.16.19-1.el6
        oval oval:com.redhat.rhsa:tst:20120774009
      • comment python-libguestfs is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20110586016
    • AND
      • comment ruby-libguestfs is earlier than 1:1.16.19-1.el6
        oval oval:com.redhat.rhsa:tst:20120774025
      • comment ruby-libguestfs is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20110586032
rhsa
id RHSA-2012:0774
released 2012-06-20
severity Low
title RHSA-2012:0774: libguestfs security, bug fix, and enhancement update (Low)
rpms
  • libguestfs-1:1.16.19-1.el6
  • libguestfs-devel-1:1.16.19-1.el6
  • libguestfs-java-1:1.16.19-1.el6
  • libguestfs-java-devel-1:1.16.19-1.el6
  • libguestfs-javadoc-1:1.16.19-1.el6
  • libguestfs-tools-1:1.16.19-1.el6
  • libguestfs-tools-c-1:1.16.19-1.el6
  • ocaml-libguestfs-1:1.16.19-1.el6
  • ocaml-libguestfs-devel-1:1.16.19-1.el6
  • perl-Sys-Guestfs-1:1.16.19-1.el6
  • python-libguestfs-1:1.16.19-1.el6
  • ruby-libguestfs-1:1.16.19-1.el6
refmap via4
bid 53932
mlist [Libguestfs] 20120521 [ANNOUNCE] libguestfs 1.18 released - tools for managing virtual machines and disk images
secunia
  • 49431
  • 49545
xf libguestfs-virtedit-info-disc(76220)
Last major update 17-07-2012 - 00:00
Published 29-06-2012 - 15:55
Last modified 28-08-2017 - 21:31