CVE-2013-4311

libvirt 1.0.5.x anterior a la versión 1.0.5.6, 0.10.2.x anterior a 0.10.2.8, y 0.9.12.x anterior a la versión 0.9.12.2 permite a usuarios locales evadir restricciones de acceso intencionadas mediante el aprovechamiento de una condición de carrera PolkitUnixProcess PolkitSubject en pkcheck a través de un (1) proceso setuid o (2) proceso pkexec, un problema relacionado con CVE-2013-4288.

The libvirt library is a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition, libvirt provides tools for remote management of virtualized systems. libvirt invokes the PolicyKit pkcheck utility to handle authorization. A race condition was found in the way libvirt used this utility, allowing a local user to bypass intended PolicyKit authorizations or execute arbitrary commands with root privileges. Note: With this update, libvirt has been rebuilt to communicate with PolicyKit via a different API that is not vulnerable to the race condition. The polkit RHSA-2013:1270 advisory must also be installed to fix the CVE-2013-4311 issue.