CVE-2008-1945

Published: 08 August 2008

QEMU 0.9.0 does not properly handle changes to removable media, which allows guest OS users to read arbitrary files on the host OS by using the diskformat: parameter in the -usbdevice option to modify the disk-image header to identify a different format, a related issue to CVE-2008-2004.

Priority

Medium

Status

Package Release Status
kvm
Launchpad, Ubuntu, Debian
Upstream Needs triage

qemu
Launchpad, Ubuntu, Debian
Upstream Needs triage

Patches:
Vendor: http://www.mandriva.com/security/advisories?name=MDVSA-2008:162
qemu-kvm
Launchpad, Ubuntu, Debian
Upstream Needs triage

xen-3.0
Launchpad, Ubuntu, Debian
Upstream Needs triage

Patches:
Vendor: http://people.ubuntu.com/~kees/qemu/xen-qemu-usbdisk-no-auto-format-CVE-2008-1945.patch
xen-3.1
Launchpad, Ubuntu, Debian
Upstream Needs triage

Patches:
Vendor: http://people.ubuntu.com/~kees/qemu/xen-qemu-usbdisk-no-auto-format-CVE-2008-1945.patch
Binaries built from this source package are in Universe and so are supported by the community.
xen-3.2
Launchpad, Ubuntu, Debian
Upstream Needs triage

Patches:
Vendor: http://people.ubuntu.com/~kees/qemu/xen-qemu-usbdisk-no-auto-format-CVE-2008-1945.patch
Binaries built from this source package are in Universe and so are supported by the community.
xen-3.3
Launchpad, Ubuntu, Debian
Upstream Not vulnerable

Notes

Author Note
kees
this follows CVE-2008-2004 chronologically.
xen-utils-3.x is in universe.
mdeslaur
patch is xen-qemu-usbdisk-no-auto-format.patch in RHEL5

References