Oval Definition:oval:org.opensuse.security:def:20134291
Revision Date:2022-05-20Version:1
Title:CVE-2013-4291
Description:

The virSecurityManagerSetProcessLabel function in libvirt 0.10.2.7, 1.0.5.5, and 1.1.1, when the domain has read an uid:gid label, does not properly set group memberships, which allows local users to gain privileges.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2013-4291
Mitre CVE-2013-4291
SUSE CVE-2013-4291
Platform(s):SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Desktop 11 SP4
SUSE Linux Enterprise Server 11 SP3
SUSE Linux Enterprise Server 11 SP4
SUSE Linux Enterprise Server for SAP Applications 11 SP4
SUSE Linux Enterprise Software Development Kit 11 SP3
SUSE Linux Enterprise Software Development Kit 11 SP4
Product(s):
Definition Synopsis
  • Release Information
  • sle11-sp3-sdk is installed
  • AND
  • libvirt-devel-32bit less than 1.0.5.6-0.7.1
  • OR libvirt-devel less than 1.0.5.6-0.7.1
  • OR Package Information
  • sled11-sp3 is installed
  • AND
  • libvirt-client-32bit less than 1.0.5.6-0.7.1
  • OR libvirt-client less than 1.0.5.6-0.7.1
  • OR libvirt-doc less than 1.0.5.6-0.7.1
  • OR libvirt-python less than 1.0.5.6-0.7.1
  • OR libvirt less than 1.0.5.6-0.7.1
  • OR Package Information
  • sles11-sp3 is installed
  • AND
  • libvirt-client-32bit less than 1.0.5.6-0.7.1
  • OR libvirt-client less than 1.0.5.6-0.7.1
  • OR libvirt-doc less than 1.0.5.6-0.7.1
  • OR libvirt-lock-sanlock less than 1.0.5.6-0.7.1
  • OR libvirt-python less than 1.0.5.6-0.7.1
  • OR libvirt less than 1.0.5.6-0.7.1
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 11 SP4 is installed
  • AND
  • libvirt-1.2.5-3 is installed
  • OR libvirt-client-1.2.5-3 is installed
  • OR libvirt-client-32bit-1.2.5-3 is installed
  • OR libvirt-doc-1.2.5-3 is installed
  • OR libvirt-lock-sanlock-1.2.5-3 is installed
  • OR Package Information
  • SUSE Linux Enterprise Software Development Kit 11 SP4 is installed
  • AND
  • libvirt-devel-1.2.5-3 is installed
  • OR libvirt-devel-32bit-1.2.5-3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 11 SP4 is installed
  • AND Package Information
  • libvirt-1.2.5-3.76 is installed
  • OR libvirt-client-1.2.5-3.76 is installed
  • OR libvirt-client-32bit-1.2.5-3.76 is installed
  • OR libvirt-doc-1.2.5-3.76 is installed
  • OR libvirt-lock-sanlock-1.2.5-3.76 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 11 SP4 is installed
  • AND
  • libvirt-1.2.5-3.76 is installed
  • OR libvirt-client-1.2.5-3.76 is installed
  • OR libvirt-client-32bit-1.2.5-3.76 is installed
  • OR libvirt-doc-1.2.5-3.76 is installed
  • OR libvirt-lock-sanlock-1.2.5-3.76 is installed
  • OR Package Information
  • SUSE Linux Enterprise Software Development Kit 11 SP4 is installed
  • AND
  • libvirt-devel-1.2.5-3.76 is installed
  • OR libvirt-devel-32bit-1.2.5-3.76 is installed
    • BACK