Bug 10829

Summary: qemu new security issue CVE-2013-2231
Product: Mageia
Reporter: David Walser <luigiwalser>
Component: Security
Assignee: QA Team <qa-bugs>
Status: RESOLVED FIXED
QA Contact: Sec team <security>
Severity: critical
Priority: Normal
CC: sysadmin-bugs, tmb
Version: 3
Keywords: validated_update
Target Milestone: ---
Hardware: i586
OS: Linux
URL: http://lwn.net/Vulnerabilities/560379/
Whiteboard: mga3-64-ok mga3-32-ok
Source RPM: qemu-1.2.0-8.1.mga3.src.rpm
CVE:
Status comment:

Description David Walser 2013-07-23 20:50:48 CEST
Red Hat has issued an advisory on July 22:
https://rhn.redhat.com/errata/RHSA-2013-1100.html

Patched packages uploaded for Mageia 3 and Cauldron.

Mageia 2's version doesn't seem to contain the affected code, which is weird, because the version in RHEL6 is older.  Perhaps the affected code was actually added to RHEL 6's version by one of the other 3883 patches they had previously added.

Advisory:
========================

Updated qemu packages fix security vulnerability:

An unquoted search path flaw was found in the way the QEMU Guest Agent
service installation was performed on Windows. Depending on the permissions
of the directories in the unquoted search path, a local, unprivileged user
could use this flaw to have a binary of their choosing executed with SYSTEM
privileges (CVE-2013-2231).

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2231
https://rhn.redhat.com/errata/RHSA-2013-1100.html
========================

Updated packages in core/updates_testing:
========================
qemu-1.2.0-8.2.mga3
qemu-img-1.2.0-8.2.mga3

from qemu-1.2.0-8.2.mga3.src.rpm
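
Added example, not part of the bug report or of QEMU's code: a check for the unquoted search path condition the advisory describes, run over Windows service ImagePath strings. The service names and paths are constructed samples, and the function names are hypothetical.

```python
import ntpath

# Constructed sample data: service name -> ImagePath string as stored under
# HKLM\SYSTEM\CurrentControlSet\Services\<name>. Not taken from the bug report.
SAMPLE_SERVICES = {
    "ExampleAgent": r"C:\Program Files\Example Agent\agent.exe -d",
    "QuotedAgent": r'"C:\Program Files\Example Agent\agent.exe" -d',
    "NoSpaces": r"C:\Tools\agent.exe --service",
}

def exe_part(image_path):
    """Executable portion of an unquoted command line (through the first .exe).
    Limitation: a path without .exe is treated as all executable."""
    end = image_path.lower().find(".exe")
    return image_path if end == -1 else image_path[:end + 4]

def dirs_to_audit(image_path):
    """Directories whose write permissions matter for an unquoted ImagePath.
    Windows resolves an unquoted command line prefix by prefix, splitting at
    each space, so every space inside the executable path adds one directory
    where an earlier match could be found. Empty list: path is unambiguous."""
    path = image_path.strip()
    if path.startswith('"'):
        return []  # quoted: the executable path is taken literally
    exe = exe_part(path)
    dirs = []
    for i, ch in enumerate(exe):
        if ch == " ":
            parent = ntpath.dirname(exe[:i])
            if parent not in dirs:
                dirs.append(parent)
    return dirs

def quote_image_path(image_path):
    """Corrected form: the executable path wrapped in double quotes."""
    path = image_path.strip()
    if path.startswith('"'):
        return path
    exe = exe_part(path)
    return '"%s"%s' % (exe, path[len(exe):])

def audit(services):
    """Map each affected service to (directories to review, corrected ImagePath)."""
    return {name: (dirs_to_audit(p), quote_image_path(p))
            for name, p in services.items() if dirs_to_audit(p)}

if __name__ == "__main__":
    for name, (dirs, fixed) in audit(SAMPLE_SERVICES).items():
        print(name, "review ACLs on:", dirs, "fix:", fixed)
```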

Comment 1 claire robinson 2013-07-24 14:44:32 CEST
Testing complete mga3 64

Installed mga3 dualcd with virt-manager

Whiteboard: (none) => mga3-64-ok

Comment 2 claire robinson 2013-07-24 15:33:24 CEST
Testing complete mga3 32

Validating. Advisory from comment 0 uploaded.

Could sysadmin please push from 3 core/updates_testing to core/updates.

Thanks!

Keywords: (none) => validated_update
Whiteboard: mga3-64-ok => mga3-64-ok mga3-32-ok
CC: (none) => sysadmin-bugs

Comment 3 Thomas Backlund 2013-07-26 13:55:36 CEST
Update pushed:
http://advisories.mageia.org/MGASA-2013-0235.html

Status: NEW => RESOLVED
CC: (none) => tmb
Resolution: (none) => FIXED