QEMU Security Bypass Vulnerability

Bugtraq ID:	30604
Class:	Access Validation Error
CVE:	CVE-2008-1945
Remote:	No
Local:	Yes
Published:	Aug 07 2008 12:00AM
Updated:	May 25 2009 07:30PM
Credit:	The vendor disclosed this issue.
Vulnerable:	XenSource Xen 3.2 XenSource Xen 3.1.2 XenSource Xen 3.1.1 XenSource Xen 3.0.3 XenSource Xen 3.0 Ubuntu Ubuntu Linux 8.10 sparc Ubuntu Ubuntu Linux 8.10 powerpc Ubuntu Ubuntu Linux 8.10 lpia Ubuntu Ubuntu Linux 8.10 i386 Ubuntu Ubuntu Linux 8.10 amd64 Ubuntu Ubuntu Linux 8.04 LTS sparc Ubuntu Ubuntu Linux 8.04 LTS powerpc Ubuntu Ubuntu Linux 8.04 LTS lpia Ubuntu Ubuntu Linux 8.04 LTS i386 Ubuntu Ubuntu Linux 8.04 LTS amd64 SuSE SUSE Linux Enterprise Server 11 + Linux kernel 2.6.5 SuSE SUSE Linux Enterprise Server 10 S.u.S.E. openSUSE 11.1 S.u.S.E. openSUSE 11.0 S.u.S.E. openSUSE 10.3 Redhat Enterprise Linux Virtualization 5 Server Redhat Enterprise Linux Desktop Multi OS 5 client Redhat Enterprise Linux Desktop 5 client Redhat Enterprise Linux 5 Server QEMU QEMU 0 Pardus Linux 2008 0 Mandriva Linux Mandrake 2008.1 x86_64 Mandriva Linux Mandrake 2008.1 Mandriva Linux Mandrake 2008.0 x86_64 Mandriva Linux Mandrake 2008.0 Debian Linux 5.0 sparc Debian Linux 5.0 s/390 Debian Linux 5.0 powerpc Debian Linux 5.0 mipsel Debian Linux 5.0 mips Debian Linux 5.0 m68k Debian Linux 5.0 ia-64 Debian Linux 5.0 ia-32 Debian Linux 5.0 hppa Debian Linux 5.0 armel Debian Linux 5.0 arm Debian Linux 5.0 amd64 Debian Linux 5.0 alpha Debian Linux 5.0 Debian Linux 4.0 sparc Debian Linux 4.0 s/390 Debian Linux 4.0 powerpc Debian Linux 4.0 mipsel Debian Linux 4.0 mips Debian Linux 4.0 m68k Debian Linux 4.0 ia-64 Debian Linux 4.0 ia-32 Debian Linux 4.0 hppa Debian Linux 4.0 armel Debian Linux 4.0 arm Debian Linux 4.0 amd64 Debian Linux 4.0 alpha Debian Linux 4.0

Not Vulnerable: