Quick Emulator (Qemu) built with the VirtFS, host directory sharing via Plan 9 File System (9pfs) support, is vulnerable to an improper access control issue. It could occur while accessing files on a shared host directory. A privileged user inside guest could use this flaw to access host file system beyond the shared folder and potentially escalating their privileges on a host.
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:HQemu
APPQemu2.9.0≤ 2.8.1.1
Related vulnerabilities
The hardware emulation in the of_dpa_cmd_add_l2_flood of rocker device model in QEMU, as used in 7.0.0 and ear...
The QMP migrate command in QEMU version 4.0.0 and earlier is vulnerable to OS command injection, which allows ...
The QMP guest_exec command in QEMU 4.0.0 and earlier is prone to OS command injection, which allows the attack...
In QEMU 3.1.0, load_device_tree in device_tree.c calls the deprecated load_image function, which has a buffer ...
qemu_deliver_packet_iov in net/net.c in Qemu accepts packet sizes greater than INT_MAX, which allows attackers...