CVE-2010-2242
EPSS 0.06%
Description
Red Hat libvirt 0.2.0 through 0.8.2 creates iptables rules with improper mappings of privileged source ports, which allows guest OS users to bypass intended access restrictions by leveraging IP address and source-port values, as demonstrated by copying and deleting an NFS directory tree.
How to fix CVE-2010-2242
To remediate CVE-2010-2242, upgrade the affected package to the fixed version listed below.
- Debian/libvirt: upgrade to 0.8.3-1 or later
Is CVE-2010-2242 being exploited?
Low — EPSS is 0.1%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- from 0, < 0.8.3-1