CVE-2010-2239
EPSS 0.09%
Description
Red Hat libvirt, possibly 0.6.0 through 0.8.2, creates new images without setting the user-defined backing-store format, which allows guest OS users to read arbitrary files on the host OS via unspecified vectors.
How to fix CVE-2010-2239
To remediate CVE-2010-2239, upgrade the affected package to a fixed version below.
- Debian/libvirt—upgrade to 0.8.3-1 or later
Is CVE-2010-2239 being exploited?
Low — EPSS is 0.1%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- from 0, < 0.8.3-1