High severity7.5NVD Advisory· Published Nov 17, 2017· Updated Jun 17, 2026
CVE-2017-1000199
CVE-2017-1000199
Description
tcmu-runner version 0.91 up to 1.20 is vulnerable to information disclosure in handler_qcow.so resulting in non-privileged users being able to check for existence of any file with root privileges.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
15cpe:2.3:a:tcmu-runner_project:tcmu-runner:0.9.1:*:*:*:*:*:*:*+ 9 more
- cpe:2.3:a:tcmu-runner_project:tcmu-runner:0.9.1:*:*:*:*:*:*:*
- cpe:2.3:a:tcmu-runner_project:tcmu-runner:0.9.2:*:*:*:*:*:*:*
- cpe:2.3:a:tcmu-runner_project:tcmu-runner:0.9.3:*:*:*:*:*:*:*
- cpe:2.3:a:tcmu-runner_project:tcmu-runner:0.9.4:*:*:*:*:*:*:*
- cpe:2.3:a:tcmu-runner_project:tcmu-runner:1.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:tcmu-runner_project:tcmu-runner:1.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:tcmu-runner_project:tcmu-runner:1.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:tcmu-runner_project:tcmu-runner:1.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:tcmu-runner_project:tcmu-runner:1.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:tcmu-runner_project:tcmu-runner:1.2.0:*:*:*:*:*:*:*
- Range: <=1.20
- osv-coords4 versionspkg:rpm/suse/tcmu-runner&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2pkg:rpm/suse/tcmu-runner&distro=SUSE%20Linux%20Enterprise%20Server%20for%20Raspberry%20Pi%2012%20SP2pkg:rpm/suse/tcmu-runner&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2pkg:rpm/suse/tcmu-runner&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP2
< 1.0.4-3.3.10+ 3 more
- (no CPE)range: < 1.0.4-3.3.10
- (no CPE)range: < 1.0.4-3.3.10
- (no CPE)range: < 1.0.4-3.3.10
- (no CPE)range: < 1.0.4-3.3.10
Patches
Vulnerability mechanics
References
2- github.com/open-iscsi/tcmu-runner/issues/194nvdThird Party Advisory
- access.redhat.com/errata/RHSA-2017:3277nvd
News mentions
0No linked articles in our index yet.