Bug 10829 - qemu new security issue CVE-2013-2231
: qemu new security issue CVE-2013-2231
Status: RESOLVED FIXED
Product: Mageia
Classification: Unclassified
Component: Security
: 3
: i586 Linux
: Normal Severity: critical
: ---
Assigned To: QA Team
: Sec team
: http://lwn.net/Vulnerabilities/560379/
: mga3-64-ok mga3-32-ok
: validated_update
:
:
  Show dependency treegraph
 
Reported: 2013-07-23 20:50 CEST by David Walser
Modified: 2013-07-26 13:55 CEST (History)
2 users (show)

See Also:
Source RPM: qemu-1.2.0-8.1.mga3.src.rpm
CVE:


Attachments

Description David Walser 2013-07-23 20:50:48 CEST
RedHat has issued an advisory on July 22:
https://rhn.redhat.com/errata/RHSA-2013-1100.html

Patched packages uploaded for Mageia 3 and Cauldron.

Mageia 2's version doesn't seem to contain the affected code, which is weird, because the version in RHEL6 is older.  Perhaps the affected code was actually added to RHEL 6's version by one of the other 3883 patches they had previously added.

Advisory:
========================

Updated qemu packages fix security vulnerability:

An unquoted search path flaw was found in the way the QEMU Guest Agent
service installation was performed on Windows. Depending on the permissions
of the directories in the unquoted search path, a local, unprivileged user
could use this flaw to have a binary of their choosing executed with SYSTEM
privileges (CVE-2013-2231).

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2231
https://rhn.redhat.com/errata/RHSA-2013-1100.html
========================

Updated packages in core/updates_testing:
========================
qemu-1.2.0-8.2.mga3
qemu-img-1.2.0-8.2.mga3

from qemu-1.2.0-8.2.mga3.src.rpm

Reproducible: 

Steps to Reproduce:
Comment 1 claire robinson 2013-07-24 14:44:32 CEST
Testing complete mga3 64

Installed mga3 dualcd with virt-manager
Comment 2 claire robinson 2013-07-24 15:33:24 CEST
Testing complete mga3 32

Validating. Advisory from comment 0 uploaded.

Could sysadmin please push from 3 core/updates_testing to core/updates.

Thanks!
Comment 3 Thomas Backlund 2013-07-26 13:55:36 CEST
Update pushed:
http://advisories.mageia.org/MGASA-2013-0235.html

Note You need to log in before you can comment on or make changes to this bug.