CVE Database


Impact: Moderate
Public: 2011-07-09
Bugzilla: 720773: CVE-2011-2527 qemu: when started as root, extra groups are not dropped correctly


The MITRE CVE dictionary describes this issue as:

The change_process_uid function in os-posix.c in Qemu 0.14.0 and earlier does not properly drop group privileges when the -runas option is used, which allows local guest users to access restricted files on the host.

Find out more about CVE-2011-2527 from the MITRE CVE dictionary and NIST NVD.


Future qemu-kvm updates in Red Hat Enterprise Linux 6 may address this flaw. This issue did not affect the versions of qemu-kvm as shipped with Red Hat Enterprise Linux 5 as it did not include support for "run as" functionality.

CVSS v2 metrics

Base Score: 3.7
Base Metrics: AV:L/AC:H/Au:N/C:P/I:P/A:P
Access Vector: Local
Access Complexity: High
Authentication: None
Confidentiality Impact: Partial
Integrity Impact: Partial
Availability Impact: Partial

Find out more about Red Hat support for the Common Vulnerability Scoring System (CVSS).

Red Hat security errata

Platform Errata Release Date
Red Hat Enterprise Linux version 6 (qemu-kvm) RHSA-2011:1531 December 05, 2011

External References

This page is generated automatically and has not been checked for errors or omissions.

For clarification or corrections please contact the Red Hat Security Response Team.