Lucene search
RedhatCVELIST:CVE-2021-20263HistoryMar 09, 2021 - 5:17 p.m.
CVE-2021-20263
2021-03-0917:17:43
CWE-281
redhat
www.cve.org
A flaw was found in the virtio-fs shared file system daemon (virtiofsd) of QEMU. The new ‘xattrmap’ option may cause the ‘security.capability’ xattr in the guest to not drop on file write, potentially leading to a modified, privileged executable in the guest. In rare circumstances, this flaw could be used by a malicious user to elevate their privileges within the guest.
CNA Affected
[
{
"product": "QEMU",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "qemu 5.2.50"
}
]
}
]Related
redhatcve
redhatcve
CVE-2021-20263
2021-03-02 13:02:59
prion
prion
Design/Logic Flaw
2021-03-09 18:15:00
nvd
nvd
CVE-2021-20263
2021-03-09 18:15:15
ubuntucve
ubuntucve
CVE-2021-20263
2021-03-09 00:00:00
cve
cve
CVE-2021-20263
2021-03-09 18:15:15
veracode
veracode
Privilege Escalation
2021-03-17 23:46:21
debiancve
debiancve
CVE-2021-20263
2021-03-09 18:15:15
suse
suse
Security update for qemu (important)
2021-07-11 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2021:1942-1)
2021-06-11 00:00:00
openSUSE: Security Advisory for qemu (openSUSE-SU-2021:1942-1)
2021-07-13 00:00:00
nessus
nessus
SUSE SLED15 / SLES15 Security Update : qemu (SUSE-SU-2021:1942-1)
2021-06-12 00:00:00
CentOS 9 : qemu-kvm-6.1.0-3.el9
2024-02-29 00:00:00
openSUSE 15 Security Update : qemu (openSUSE-SU-2021:1942-1)
2021-07-16 00:00:00
gentoo
gentoo
QEMU: Multiple Vulnerabilities
2022-08-14 00:00:00