CVE-2010-2237
EPSS 0.07%
Description
Red Hat libvirt, possibly 0.6.1 through 0.8.2, looks up disk backing stores without referring to the user-defined main disk format, which might allow guest OS users to read arbitrary files on the host OS, and possibly have unspecified other impact, via unknown vectors.
How to fix CVE-2010-2237
To remediate CVE-2010-2237, upgrade the affected package to a fixed version below.
- Debian/libvirt—upgrade to 0.8.3-1 or later
Is CVE-2010-2237 being exploited?
Low — EPSS is 0.1%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- from 0, < 0.8.3-1