Vulnerability Details CVE-2012-2693
libvirt, possibly before 0.9.12, does not properly assign USB devices to virtual machines when multiple devices have the same vendor and product ID, which might cause the wrong device to be associated with a guest and might allow local users to access unintended USB devices.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 18.8%
CVSS Severity
CVSS v2 Score 3.7
References
- http://rhn.redhat.com/errata/RHSA-2012-0748.html
- http://rhn.redhat.com/errata/RHSA-2013-0127.html
- http://www.openwall.com/lists/oss-security/2012/06/11/2
- http://www.openwall.com/lists/oss-security/2012/06/11/3
- https://www.redhat.com/archives/libvir-list/2012-April/msg01494.html
- http://rhn.redhat.com/errata/RHSA-2012-0748.html
- http://rhn.redhat.com/errata/RHSA-2013-0127.html
- http://www.openwall.com/lists/oss-security/2012/06/11/2
- http://www.openwall.com/lists/oss-security/2012/06/11/3
- https://www.redhat.com/archives/libvir-list/2012-April/msg01494.html
Products affected by CVE-2012-2693
-
cpe:2.3:a:redhat:libvirt:-
-
cpe:2.3:a:redhat:libvirt:0.0.1
-
cpe:2.3:a:redhat:libvirt:0.0.2
-
cpe:2.3:a:redhat:libvirt:0.0.3
-
cpe:2.3:a:redhat:libvirt:0.0.4
-
cpe:2.3:a:redhat:libvirt:0.0.5
-
cpe:2.3:a:redhat:libvirt:0.0.6
-
cpe:2.3:a:redhat:libvirt:0.1.0
-
cpe:2.3:a:redhat:libvirt:0.1.1
-
cpe:2.3:a:redhat:libvirt:0.1.10
-
cpe:2.3:a:redhat:libvirt:0.1.11
-
cpe:2.3:a:redhat:libvirt:0.1.3
-
cpe:2.3:a:redhat:libvirt:0.1.4
-
cpe:2.3:a:redhat:libvirt:0.1.5
-
cpe:2.3:a:redhat:libvirt:0.1.6
-
cpe:2.3:a:redhat:libvirt:0.1.7
-
cpe:2.3:a:redhat:libvirt:0.1.8
-
cpe:2.3:a:redhat:libvirt:0.1.9
-
cpe:2.3:a:redhat:libvirt:0.2.0
-
cpe:2.3:a:redhat:libvirt:0.2.1
-
cpe:2.3:a:redhat:libvirt:0.2.2
-
cpe:2.3:a:redhat:libvirt:0.2.3
-
cpe:2.3:a:redhat:libvirt:0.3.0
-
cpe:2.3:a:redhat:libvirt:0.3.1
-
cpe:2.3:a:redhat:libvirt:0.3.2
-
cpe:2.3:a:redhat:libvirt:0.3.3
-
cpe:2.3:a:redhat:libvirt:0.4.0
-
cpe:2.3:a:redhat:libvirt:0.4.1
-
cpe:2.3:a:redhat:libvirt:0.4.2
-
cpe:2.3:a:redhat:libvirt:0.4.3
-
cpe:2.3:a:redhat:libvirt:0.4.4
-
cpe:2.3:a:redhat:libvirt:0.4.5
-
cpe:2.3:a:redhat:libvirt:0.4.6
-
cpe:2.3:a:redhat:libvirt:0.5.0
-
cpe:2.3:a:redhat:libvirt:0.5.1
-
cpe:2.3:a:redhat:libvirt:0.6.0
-
cpe:2.3:a:redhat:libvirt:0.6.1
-
cpe:2.3:a:redhat:libvirt:0.6.2
-
cpe:2.3:a:redhat:libvirt:0.6.3
-
cpe:2.3:a:redhat:libvirt:0.6.4
-
cpe:2.3:a:redhat:libvirt:0.6.5
-
cpe:2.3:a:redhat:libvirt:0.7.0
-
cpe:2.3:a:redhat:libvirt:0.7.1
-
cpe:2.3:a:redhat:libvirt:0.7.2
-
cpe:2.3:a:redhat:libvirt:0.7.3
-
cpe:2.3:a:redhat:libvirt:0.7.4
-
cpe:2.3:a:redhat:libvirt:0.7.5
-
cpe:2.3:a:redhat:libvirt:0.7.6
-
cpe:2.3:a:redhat:libvirt:0.7.7
-
cpe:2.3:a:redhat:libvirt:0.8.0
-
cpe:2.3:a:redhat:libvirt:0.8.1
-
cpe:2.3:a:redhat:libvirt:0.8.2
-
cpe:2.3:a:redhat:libvirt:0.8.3
-
cpe:2.3:a:redhat:libvirt:0.8.4
-
cpe:2.3:a:redhat:libvirt:0.8.5
-
cpe:2.3:a:redhat:libvirt:0.8.6
-
cpe:2.3:a:redhat:libvirt:0.8.7
-
cpe:2.3:a:redhat:libvirt:0.8.8
-
cpe:2.3:a:redhat:libvirt:0.9.0
-
cpe:2.3:a:redhat:libvirt:0.9.1
-
cpe:2.3:a:redhat:libvirt:0.9.10
-
cpe:2.3:a:redhat:libvirt:0.9.11
-
cpe:2.3:a:redhat:libvirt:0.9.2
-
cpe:2.3:a:redhat:libvirt:0.9.3
-
cpe:2.3:a:redhat:libvirt:0.9.4
-
cpe:2.3:a:redhat:libvirt:0.9.5
-
cpe:2.3:a:redhat:libvirt:0.9.6
-
cpe:2.3:a:redhat:libvirt:0.9.6.1
-
cpe:2.3:a:redhat:libvirt:0.9.6.2
-
cpe:2.3:a:redhat:libvirt:0.9.6.3
-
cpe:2.3:a:redhat:libvirt:0.9.6.4
-
cpe:2.3:a:redhat:libvirt:0.9.7
-
cpe:2.3:a:redhat:libvirt:0.9.8
-
cpe:2.3:a:redhat:libvirt:0.9.9