Oval Definition:	oval:org.mitre.oval:def:23514
Revision Date: 2014-05-26 Version: 21 Title: ELSA-2013:1272: libvirt security and bug fix update (Important) Description: libvirt 1.0.5.x before 1.0.5.6, 0.10.2.x before 0.10.2.8, and 0.9.12.x before 0.9.12.2 allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition in pkcheck via a (1) setuid process or (2) pkexec process, a related issue to CVE-2013-4288. Family: unix Class: patch Status: ACCEPTED Reference(s): CVE-2013-4296 CVE-2013-4311 ELSA-2013:1272-00 Platform(s): Oracle Linux 6 Product(s): libvirt Definition Synopsis Oracle Linux 6.x AND rpm test libvirt-lock-sanlock is earlier than 0:0.10.2-18.el6_4.14 OR libvirt-client is earlier than 0:0.10.2-18.el6_4.14 OR libvirt-python is earlier than 0:0.10.2-18.el6_4.14 OR libvirt is earlier than 0:0.10.2-18.el6_4.14 OR libvirt-devel is earlier than 0:0.10.2-18.el6_4.14
BACK