Moderate CentOS libguestfs Update
libguestfs-1.20.11-2.el6.src.rpm, libguestfs-1.20.11-2.el6.x86_64.rpm, libguestfs-devel-1.20.11-2.el6.x86_64.rpm, libguestfs-java-1.20.11-2.el6.x86_64.rpm, libguestfs-java-devel-1.20.11-2.el6.x86_64.rpm, libguestfs-javadoc-1.20.11-2.el6.x86_64.rpm, libguestfs-tools-1.20.11-2.el6.x86_64.rpm, libguestfs-tools-c-1.20.11-2.el6.x86_64.rpm, ocaml-libguestfs-1.20.11-2.el6.x86_64.rpm, ocaml-libguestfs-devel-1.20.11-2.el6.x86_64.rpm, perl-Sys-Guestfs-1.20.11-2.el6.x86_64.rpm, python-libguestfs-1.20.11-2.el6.x86_64.rpm, ruby-libguestfs-1.20.11-2.el6.x86_64.rpm
Updated libguestfs packages that fix one security issue, several bugs, and
add various enhancements are now available for Red Hat Enterprise Linux 6.
The Red Hat Security Response Team has rated this update as having moderate
security impact. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available from the CVE link in
the References section.
Libguestfs is a library and set of tools for accessing and modifying guest
It was found that guestfish, which enables shell scripting and command line
access to libguestfs, insecurely created the temporary directory used to
store the network socket when started in server mode. A local attacker
could use this flaw to intercept and modify another user's guestfish commands,
allowing them to perform arbitrary guestfish actions with the privileges of
a different user, or use this flaw to obtain authentication credentials.
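The advisory does not say how the directory was created insecurely; one common form of this flaw class is accepting a pre-existing directory in a shared location without checking its type, owner or mode. The following C code is an added example, not code from libguestfs or from the Red Hat patch, showing a create-then-verify routine for a private socket directory; the function names `check_private_dir` and `make_private_dir` and the `/tmp/sockdir-demo-*` path are hypothetical.

```c
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L   /* lstat(), mkdtemp(), symlink() */
#endif
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* Return 0 only if path is a real directory (not a symlink), owned by the
 * calling user, with no group/other permission bits; -1 otherwise. */
int check_private_dir(const char *path)
{
    struct stat st;

    if (lstat(path, &st) == -1)              /* lstat: never follow a symlink */
        return -1;
    if (!S_ISDIR(st.st_mode))                /* symlink, file, socket, ... */
        return -1;
    if (st.st_uid != geteuid())              /* pre-created by another user */
        return -1;
    if (st.st_mode & (S_IRWXG | S_IRWXO))    /* reachable by other users */
        return -1;
    return 0;
}

/* Create the socket directory, or accept an existing one only if it passes
 * the checks above. The weak pattern is mkdir() + ignoring EEXIST, unchecked. */
int make_private_dir(const char *path)
{
    if (mkdir(path, 0700) == -1 && errno != EEXIST)
        return -1;
    return check_private_dir(path);
}

int main(void)
{
    char base[] = "/tmp/sockdir-demo-XXXXXX";   /* constructed demo location */
    char dir[64], lnk[64];

    if (mkdtemp(base) == NULL) return 1;
    snprintf(dir, sizeof dir, "%s/sock", base);
    snprintf(lnk, sizeof lnk, "%s/lnk", base);
    printf("fresh directory: %d\n", make_private_dir(dir));
    chmod(dir, 0755); printf("loose mode: %d\n", make_private_dir(dir));
    chmod(dir, 0700); if (symlink(dir, lnk) == 0) printf("symlink: %d\n", make_private_dir(lnk));
    return 0;
}
```

A server that gets -1 back should refuse to bind its socket there rather than fall back to the existing directory.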
This issue was discovered by Michael Scherer of the Red Hat Regional IT
These updated libguestfs packages include numerous bug fixes and
enhancements. Space precludes documenting all of these changes in this
advisory. Users are directed to the Red Hat Enterprise Linux 6.5 Technical
Notes, linked to in the References, for information on the most significant
of these changes.
All libguestfs users are advised to upgrade to these updated packages,
which contain backported patches to correct these issues and add these
Am I vulnerable?
The constraints below list the versions in which this vulnerability is patched, and versions that are unaffected. If a patch is ready but unreleased, then it is pending.
Affected package information