CVE-2010-2242

Publication date 19 August 2010

Last updated 24 July 2024

Red Hat libvirt 0.2.0 through 0.8.2 creates iptables rules with improper mappings of privileged source ports, which allows guest OS users to bypass intended access restrictions by leveraging IP address and source-port values, as demonstrated by copying and deleting an NFS directory tree.

Status

Show unmaintained releases

Package	Ubuntu Release	Status
libvirt	10.10 maverick	Fixed 0.8.3-1ubuntu8
	10.04 LTS lucid	Fixed 0.7.5-5ubuntu27.5
	9.10 karmic	Fixed 0.7.0-1ubuntu13.2
	9.04 jaunty	Fixed 0.6.1-0ubuntu5.2
	8.04 LTS hardy	Fixed 0.4.0-2ubuntu8.3
	6.06 LTS dapper	Not in release

How can I get the fixes?
What do statuses mean?

References

MITRE
NVD
Launchpad
Debian

Related Ubuntu Security Notices (USN)

USN-1008-1
libvirt vulnerabilities
21 October 2010

Other references

https://www.cve.org/CVERecord?id=CVE-2010-2242