CVE-2012-2693
libvirt: address bus= device= when identicle vendor ID/product IDs usb devices attached are ignored
Severity Score
3.7
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
libvirt, possibly before 0.9.12, does not properly assign USB devices to virtual machines when multiple devices have the same vendor and product ID, which might cause the wrong device to be associated with a guest and might allow local users to access unintended USB devices.
libvirt, posiblemente anterior a v0.9.12, no se asignan adecuadamente los dispositivos USB a las máquinas virtuales cuando varios dispositivos tienen el mismo proveedor y la misma identificación de producto, lo que podría provocar que el dispositivo equivocado sea asociado con un invitado lo que podría podría permitir a usuarios locales acceder a los dispositivos USB no deseados.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2012-05-14 CVE Reserved
- 2012-06-17 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-06 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-264: Permissions, Privileges, and Access Controls
CAPEC
References (7)
| URL | Tag | Source |
|---|---|---|
| http://www.openwall.com/lists/oss-security/2012/06/11/2 | Mailing List |
|
| http://www.openwall.com/lists/oss-security/2012/06/11/3 | Mailing List |
|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://www.redhat.com/archives/libvir-list/2012-April/msg01494.html | 2013-01-15 |
| URL | Date | SRC |
|---|---|---|
| http://rhn.redhat.com/errata/RHSA-2012-0748.html | 2013-01-15 | |
| http://rhn.redhat.com/errata/RHSA-2013-0127.html | 2013-01-15 | |
| https://access.redhat.com/security/cve/CVE-2012-2693 | 2013-01-08 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=831164 | 2013-01-08 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Redhat Search vendor "Redhat" | Libvirt Search vendor "Redhat" for product "Libvirt" | <= 0.9.11 Search vendor "Redhat" for product "Libvirt" and version " <= 0.9.11" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Libvirt Search vendor "Redhat" for product "Libvirt" | 0.0.1 Search vendor "Redhat" for product "Libvirt" and version "0.0.1" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Libvirt Search vendor "Redhat" for product "Libvirt" | 0.0.2 Search vendor "Redhat" for product "Libvirt" and version "0.0.2" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Libvirt Search vendor "Redhat" for product "Libvirt" | 0.0.3 Search vendor "Redhat" for product "Libvirt" and version "0.0.3" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Libvirt Search vendor "Redhat" for product "Libvirt" | 0.0.4 Search vendor "Redhat" for product "Libvirt" and version "0.0.4" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Libvirt Search vendor "Redhat" for product "Libvirt" | 0.0.5 Search vendor "Redhat" for product "Libvirt" and version "0.0.5" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Libvirt Search vendor "Redhat" for product "Libvirt" | 0.0.6 Search vendor "Redhat" for product "Libvirt" and version "0.0.6" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Libvirt Search vendor "Redhat" for product "Libvirt" | 0.1.0 Search vendor "Redhat" for product "Libvirt" and version "0.1.0" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Libvirt Search vendor "Redhat" for product "Libvirt" | 0.1.1 Search vendor "Redhat" for product "Libvirt" and version "0.1.1" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Libvirt Search vendor "Redhat" for product "Libvirt" | 0.1.3 Search vendor "Redhat" for product "Libvirt" and version "0.1.3" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Libvirt Search vendor "Redhat" for product "Libvirt" | 0.1.4 Search vendor "Redhat" for product "Libvirt" and version "0.1.4" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Libvirt Search vendor "Redhat" for product "Libvirt" | 0.1.5 Search vendor "Redhat" for product "Libvirt" and version "0.1.5" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Libvirt Search vendor "Redhat" for product "Libvirt" | 0.1.6 Search vendor "Redhat" for product "Libvirt" and version "0.1.6" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Libvirt Search vendor "Redhat" for product "Libvirt" | 0.1.7 Search vendor "Redhat" for product "Libvirt" and version "0.1.7" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Libvirt Search vendor "Redhat" for product "Libvirt" | 0.1.8 Search vendor "Redhat" for product "Libvirt" and version "0.1.8" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Libvirt Search vendor "Redhat" for product "Libvirt" | 0.1.9 Search vendor "Redhat" for product "Libvirt" and version "0.1.9" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Libvirt Search vendor "Redhat" for product "Libvirt" | 0.2.0 Search vendor "Redhat" for product "Libvirt" and version "0.2.0" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Libvirt Search vendor "Redhat" for product "Libvirt" | 0.2.1 Search vendor "Redhat" for product "Libvirt" and version "0.2.1" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Libvirt Search vendor "Redhat" for product "Libvirt" | 0.2.2 Search vendor "Redhat" for product "Libvirt" and version "0.2.2" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Libvirt Search vendor "Redhat" for product "Libvirt" | 0.2.3 Search vendor "Redhat" for product "Libvirt" and version "0.2.3" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Libvirt Search vendor "Redhat" for product "Libvirt" | 0.3.0 Search vendor "Redhat" for product "Libvirt" and version "0.3.0" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Libvirt Search vendor "Redhat" for product "Libvirt" | 0.3.1 Search vendor "Redhat" for product "Libvirt" and version "0.3.1" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Libvirt Search vendor "Redhat" for product "Libvirt" | 0.3.2 Search vendor "Redhat" for product "Libvirt" and version "0.3.2" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Libvirt Search vendor "Redhat" for product "Libvirt" | 0.3.3 Search vendor "Redhat" for product "Libvirt" and version "0.3.3" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Libvirt Search vendor "Redhat" for product "Libvirt" | 0.4.0 Search vendor "Redhat" for product "Libvirt" and version "0.4.0" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Libvirt Search vendor "Redhat" for product "Libvirt" | 0.4.1 Search vendor "Redhat" for product "Libvirt" and version "0.4.1" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Libvirt Search vendor "Redhat" for product "Libvirt" | 0.4.2 Search vendor "Redhat" for product "Libvirt" and version "0.4.2" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Libvirt Search vendor "Redhat" for product "Libvirt" | 0.4.3 Search vendor "Redhat" for product "Libvirt" and version "0.4.3" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Libvirt Search vendor "Redhat" for product "Libvirt" | 0.4.4 Search vendor "Redhat" for product "Libvirt" and version "0.4.4" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Libvirt Search vendor "Redhat" for product "Libvirt" | 0.4.5 Search vendor "Redhat" for product "Libvirt" and version "0.4.5" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Libvirt Search vendor "Redhat" for product "Libvirt" | 0.4.6 Search vendor "Redhat" for product "Libvirt" and version "0.4.6" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Libvirt Search vendor "Redhat" for product "Libvirt" | 0.5.0 Search vendor "Redhat" for product "Libvirt" and version "0.5.0" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Libvirt Search vendor "Redhat" for product "Libvirt" | 0.5.1 Search vendor "Redhat" for product "Libvirt" and version "0.5.1" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Libvirt Search vendor "Redhat" for product "Libvirt" | 0.6.0 Search vendor "Redhat" for product "Libvirt" and version "0.6.0" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Libvirt Search vendor "Redhat" for product "Libvirt" | 0.6.1 Search vendor "Redhat" for product "Libvirt" and version "0.6.1" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Libvirt Search vendor "Redhat" for product "Libvirt" | 0.6.2 Search vendor "Redhat" for product "Libvirt" and version "0.6.2" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Libvirt Search vendor "Redhat" for product "Libvirt" | 0.6.3 Search vendor "Redhat" for product "Libvirt" and version "0.6.3" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Libvirt Search vendor "Redhat" for product "Libvirt" | 0.6.4 Search vendor "Redhat" for product "Libvirt" and version "0.6.4" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Libvirt Search vendor "Redhat" for product "Libvirt" | 0.6.5 Search vendor "Redhat" for product "Libvirt" and version "0.6.5" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Libvirt Search vendor "Redhat" for product "Libvirt" | 0.7.0 Search vendor "Redhat" for product "Libvirt" and version "0.7.0" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Libvirt Search vendor "Redhat" for product "Libvirt" | 0.7.1 Search vendor "Redhat" for product "Libvirt" and version "0.7.1" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Libvirt Search vendor "Redhat" for product "Libvirt" | 0.7.2 Search vendor "Redhat" for product "Libvirt" and version "0.7.2" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Libvirt Search vendor "Redhat" for product "Libvirt" | 0.7.3 Search vendor "Redhat" for product "Libvirt" and version "0.7.3" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Libvirt Search vendor "Redhat" for product "Libvirt" | 0.7.4 Search vendor "Redhat" for product "Libvirt" and version "0.7.4" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Libvirt Search vendor "Redhat" for product "Libvirt" | 0.7.5 Search vendor "Redhat" for product "Libvirt" and version "0.7.5" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Libvirt Search vendor "Redhat" for product "Libvirt" | 0.7.6 Search vendor "Redhat" for product "Libvirt" and version "0.7.6" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Libvirt Search vendor "Redhat" for product "Libvirt" | 0.7.7 Search vendor "Redhat" for product "Libvirt" and version "0.7.7" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Libvirt Search vendor "Redhat" for product "Libvirt" | 0.8.0 Search vendor "Redhat" for product "Libvirt" and version "0.8.0" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Libvirt Search vendor "Redhat" for product "Libvirt" | 0.8.1 Search vendor "Redhat" for product "Libvirt" and version "0.8.1" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Libvirt Search vendor "Redhat" for product "Libvirt" | 0.8.2 Search vendor "Redhat" for product "Libvirt" and version "0.8.2" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Libvirt Search vendor "Redhat" for product "Libvirt" | 0.8.3 Search vendor "Redhat" for product "Libvirt" and version "0.8.3" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Libvirt Search vendor "Redhat" for product "Libvirt" | 0.8.4 Search vendor "Redhat" for product "Libvirt" and version "0.8.4" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Libvirt Search vendor "Redhat" for product "Libvirt" | 0.8.5 Search vendor "Redhat" for product "Libvirt" and version "0.8.5" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Libvirt Search vendor "Redhat" for product "Libvirt" | 0.8.6 Search vendor "Redhat" for product "Libvirt" and version "0.8.6" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Libvirt Search vendor "Redhat" for product "Libvirt" | 0.8.7 Search vendor "Redhat" for product "Libvirt" and version "0.8.7" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Libvirt Search vendor "Redhat" for product "Libvirt" | 0.8.8 Search vendor "Redhat" for product "Libvirt" and version "0.8.8" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Libvirt Search vendor "Redhat" for product "Libvirt" | 0.9.0 Search vendor "Redhat" for product "Libvirt" and version "0.9.0" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Libvirt Search vendor "Redhat" for product "Libvirt" | 0.9.1 Search vendor "Redhat" for product "Libvirt" and version "0.9.1" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Libvirt Search vendor "Redhat" for product "Libvirt" | 0.9.2 Search vendor "Redhat" for product "Libvirt" and version "0.9.2" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Libvirt Search vendor "Redhat" for product "Libvirt" | 0.9.3 Search vendor "Redhat" for product "Libvirt" and version "0.9.3" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Libvirt Search vendor "Redhat" for product "Libvirt" | 0.9.4 Search vendor "Redhat" for product "Libvirt" and version "0.9.4" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Libvirt Search vendor "Redhat" for product "Libvirt" | 0.9.5 Search vendor "Redhat" for product "Libvirt" and version "0.9.5" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Libvirt Search vendor "Redhat" for product "Libvirt" | 0.9.6 Search vendor "Redhat" for product "Libvirt" and version "0.9.6" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Libvirt Search vendor "Redhat" for product "Libvirt" | 0.9.7 Search vendor "Redhat" for product "Libvirt" and version "0.9.7" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Libvirt Search vendor "Redhat" for product "Libvirt" | 0.9.8 Search vendor "Redhat" for product "Libvirt" and version "0.9.8" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Libvirt Search vendor "Redhat" for product "Libvirt" | 0.9.9 Search vendor "Redhat" for product "Libvirt" and version "0.9.9" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Libvirt Search vendor "Redhat" for product "Libvirt" | 0.9.10 Search vendor "Redhat" for product "Libvirt" and version "0.9.10" | - |
Affected
| ||||||