CVE-2012-2693

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2012-2693

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2012-2693.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2012-2693

Downstream

DEBIAN-CVE-2012-2693

RHSA-2012:0748

RHSA-2013:0127

Published

2012-06-17T03:41:42Z

Modified

2025-08-09T20:01:26Z

Summary

[none]

Details

libvirt, possibly before 0.9.12, does not properly assign USB devices to virtual machines when multiple devices have the same vendor and product ID, which might cause the wrong device to be associated with a guest and might allow local users to access unintended USB devices.

References

http://rhn.redhat.com/errata/RHSA-2012-0748.html
http://rhn.redhat.com/errata/RHSA-2013-0127.html
https://www.redhat.com/archives/libvir-list/2012-April/msg01494.html
http://www.openwall.com/lists/oss-security/2012/06/11/2
http://www.openwall.com/lists/oss-security/2012/06/11/3

CVE-2012-2693

Affected packages