Unrated severityNVD Advisory· Published Jun 29, 2012· Updated Apr 29, 2026

CVE-2012-2690

Description

virt-edit in libguestfs before 1.18.0 does not preserve the permissions from the original file and saves the new file with world-readable permissions when editing, which might allow local guest users to obtain sensitive information.

Affected products

Libguestfs/Libguestfs71 versions
cpe:2.3:a:libguestfs:libguestfs:*:*:*:*:*:*:*:*+ 70 more
- cpe:2.3:a:libguestfs:libguestfs:*:*:*:*:*:*:*:*range: <=1.17.43
- cpe:2.3:a:libguestfs:libguestfs:1.16.0:*:*:*:*:*:*:*
- cpe:2.3:a:libguestfs:libguestfs:1.16.1:*:*:*:*:*:*:*
- cpe:2.3:a:libguestfs:libguestfs:1.16.10:*:*:*:*:*:*:*
- cpe:2.3:a:libguestfs:libguestfs:1.16.11:*:*:*:*:*:*:*
- cpe:2.3:a:libguestfs:libguestfs:1.16.12:*:*:*:*:*:*:*
- cpe:2.3:a:libguestfs:libguestfs:1.16.13:*:*:*:*:*:*:*
- cpe:2.3:a:libguestfs:libguestfs:1.16.14:*:*:*:*:*:*:*
- cpe:2.3:a:libguestfs:libguestfs:1.16.15:*:*:*:*:*:*:*
- cpe:2.3:a:libguestfs:libguestfs:1.16.16:*:*:*:*:*:*:*
- cpe:2.3:a:libguestfs:libguestfs:1.16.17:*:*:*:*:*:*:*
- cpe:2.3:a:libguestfs:libguestfs:1.16.18:*:*:*:*:*:*:*
- cpe:2.3:a:libguestfs:libguestfs:1.16.19:*:*:*:*:*:*:*
- cpe:2.3:a:libguestfs:libguestfs:1.16.2:*:*:*:*:*:*:*
- cpe:2.3:a:libguestfs:libguestfs:1.16.20:*:*:*:*:*:*:*
- cpe:2.3:a:libguestfs:libguestfs:1.16.21:*:*:*:*:*:*:*
- cpe:2.3:a:libguestfs:libguestfs:1.16.22:*:*:*:*:*:*:*
- cpe:2.3:a:libguestfs:libguestfs:1.16.23:*:*:*:*:*:*:*
- cpe:2.3:a:libguestfs:libguestfs:1.16.24:*:*:*:*:*:*:*
- cpe:2.3:a:libguestfs:libguestfs:1.16.25:*:*:*:*:*:*:*
- cpe:2.3:a:libguestfs:libguestfs:1.16.26:*:*:*:*:*:*:*
- cpe:2.3:a:libguestfs:libguestfs:1.16.3:*:*:*:*:*:*:*
- cpe:2.3:a:libguestfs:libguestfs:1.16.4:*:*:*:*:*:*:*
- cpe:2.3:a:libguestfs:libguestfs:1.16.5:*:*:*:*:*:*:*
- cpe:2.3:a:libguestfs:libguestfs:1.16.6:*:*:*:*:*:*:*
- cpe:2.3:a:libguestfs:libguestfs:1.16.7:*:*:*:*:*:*:*
- cpe:2.3:a:libguestfs:libguestfs:1.16.8:*:*:*:*:*:*:*
- cpe:2.3:a:libguestfs:libguestfs:1.16.9:*:*:*:*:*:*:*
- cpe:2.3:a:libguestfs:libguestfs:1.17.0:*:*:*:*:*:*:*
- cpe:2.3:a:libguestfs:libguestfs:1.17.1:*:*:*:*:*:*:*
- cpe:2.3:a:libguestfs:libguestfs:1.17.10:*:*:*:*:*:*:*
- cpe:2.3:a:libguestfs:libguestfs:1.17.11:*:*:*:*:*:*:*
- cpe:2.3:a:libguestfs:libguestfs:1.17.12:*:*:*:*:*:*:*
- cpe:2.3:a:libguestfs:libguestfs:1.17.13:*:*:*:*:*:*:*
- cpe:2.3:a:libguestfs:libguestfs:1.17.14:*:*:*:*:*:*:*
- cpe:2.3:a:libguestfs:libguestfs:1.17.15:*:*:*:*:*:*:*
- cpe:2.3:a:libguestfs:libguestfs:1.17.16:*:*:*:*:*:*:*
- cpe:2.3:a:libguestfs:libguestfs:1.17.17:*:*:*:*:*:*:*
- cpe:2.3:a:libguestfs:libguestfs:1.17.18:*:*:*:*:*:*:*
- cpe:2.3:a:libguestfs:libguestfs:1.17.19:*:*:*:*:*:*:*
- cpe:2.3:a:libguestfs:libguestfs:1.17.2:*:*:*:*:*:*:*
- cpe:2.3:a:libguestfs:libguestfs:1.17.20:*:*:*:*:*:*:*
- cpe:2.3:a:libguestfs:libguestfs:1.17.21:*:*:*:*:*:*:*
- cpe:2.3:a:libguestfs:libguestfs:1.17.22:*:*:*:*:*:*:*
- cpe:2.3:a:libguestfs:libguestfs:1.17.23:*:*:*:*:*:*:*
- cpe:2.3:a:libguestfs:libguestfs:1.17.24:*:*:*:*:*:*:*
- cpe:2.3:a:libguestfs:libguestfs:1.17.25:*:*:*:*:*:*:*
- cpe:2.3:a:libguestfs:libguestfs:1.17.26:*:*:*:*:*:*:*
- cpe:2.3:a:libguestfs:libguestfs:1.17.27:*:*:*:*:*:*:*
- cpe:2.3:a:libguestfs:libguestfs:1.17.28:*:*:*:*:*:*:*
- cpe:2.3:a:libguestfs:libguestfs:1.17.29:*:*:*:*:*:*:*
- cpe:2.3:a:libguestfs:libguestfs:1.17.3:*:*:*:*:*:*:*
- cpe:2.3:a:libguestfs:libguestfs:1.17.30:*:*:*:*:*:*:*
- cpe:2.3:a:libguestfs:libguestfs:1.17.31:*:*:*:*:*:*:*
- cpe:2.3:a:libguestfs:libguestfs:1.17.32:*:*:*:*:*:*:*
- cpe:2.3:a:libguestfs:libguestfs:1.17.33:*:*:*:*:*:*:*
- cpe:2.3:a:libguestfs:libguestfs:1.17.34:*:*:*:*:*:*:*
- cpe:2.3:a:libguestfs:libguestfs:1.17.35:*:*:*:*:*:*:*
- cpe:2.3:a:libguestfs:libguestfs:1.17.36:*:*:*:*:*:*:*
- cpe:2.3:a:libguestfs:libguestfs:1.17.37:*:*:*:*:*:*:*
- cpe:2.3:a:libguestfs:libguestfs:1.17.38:*:*:*:*:*:*:*
- cpe:2.3:a:libguestfs:libguestfs:1.17.39:*:*:*:*:*:*:*
- cpe:2.3:a:libguestfs:libguestfs:1.17.4:*:*:*:*:*:*:*
- cpe:2.3:a:libguestfs:libguestfs:1.17.40:*:*:*:*:*:*:*
- cpe:2.3:a:libguestfs:libguestfs:1.17.41:*:*:*:*:*:*:*
- cpe:2.3:a:libguestfs:libguestfs:1.17.42:*:*:*:*:*:*:*
- cpe:2.3:a:libguestfs:libguestfs:1.17.5:*:*:*:*:*:*:*
- cpe:2.3:a:libguestfs:libguestfs:1.17.6:*:*:*:*:*:*:*
- cpe:2.3:a:libguestfs:libguestfs:1.17.7:*:*:*:*:*:*:*
- cpe:2.3:a:libguestfs:libguestfs:1.17.8:*:*:*:*:*:*:*
- cpe:2.3:a:libguestfs:libguestfs:1.17.9:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/49431nvdVendor Advisory
secunia.com/advisories/49545nvdVendor Advisory
rhn.redhat.com/errata/RHSA-2012-0774.htmlnvd
www.securityfocus.com/bid/53932nvd
exchange.xforce.ibmcloud.com/vulnerabilities/76220nvd
www.redhat.com/archives/libguestfs/2012-May/msg00104.htmlnvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000