World-Writable File Vulnerability in oVirt-Engine 3.2

World-Writable File Vulnerability in oVirt-Engine 3.2

CVE-2013-4367 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

ovirt-engine 3.2 running on Linux kernel 3.1 and newer creates certain files world-writeable due to an upstream kernel change which impacted how python's os.chmod() works when passed a mode of '-1'.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.