Описание
A flaw was found in the 9p passthrough filesystem (9pfs) implementation in QEMU. The 9pfs server did not prohibit opening special files on the host side, potentially allowing a malicious client to escape from the exported 9p tree by creating and opening a device file in the shared folder.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support |
| devel | not-affected | 1:8.0.4+dfsg-1ubuntu5 |
| esm-infra-legacy/trusty | needs-triage | |
| esm-infra/bionic | needs-triage | |
| esm-infra/focal | not-affected | 1:4.2-3ubuntu6.28 |
| esm-infra/xenial | needs-triage | |
| focal | released | 1:4.2-3ubuntu6.28 |
| jammy | released | 1:6.2+dfsg-2ubuntu6.16 |
| kinetic | ignored | end of life, was needed |
| lunar | released | 1:7.2+dfsg-5ubuntu2.4 |
Показывать по
EPSS
6 Medium
CVSS3
Связанные уязвимости
A flaw was found in the 9p passthrough filesystem (9pfs) implementation in QEMU. The 9pfs server did not prohibit opening special files on the host side, potentially allowing a malicious client to escape from the exported 9p tree by creating and opening a device file in the shared folder.
A flaw was found in the 9p passthrough filesystem (9pfs) implementation in QEMU. The 9pfs server did not prohibit opening special files on the host side, potentially allowing a malicious client to escape from the exported 9p tree by creating and opening a device file in the shared folder.
A flaw was found in the 9p passthrough filesystem (9pfs) implementatio ...
A flaw was found in the 9p passthrough filesystem (9pfs) implementation in QEMU. The 9pfs server did not prohibit opening special files on the host side, potentially allowing a malicious client to escape from the exported 9p tree by creating and opening a device file in the shared folder.
EPSS
6 Medium
CVSS3