Advisories ยป MGASA-2016-0103

Updated libvirt packages fix security vulnerability

Publication date: 09 Mar 2016
Type: security
Affected Mageia releases : 5
CVE: CVE-2015-5313

Description

A path-traversal flaw was found in the way the libvirt daemon handled
file-system names for storage volumes. A libvirt user with privileges to
create storage volumes and without privileges to create and modify domains
could possibly use this flaw to escalate their privileges (CVE-2015-5313).
                

References

SRPMS

5/core