7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
5.7 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
5.1%
A flaw was found in the 9p passthrough filesystem (9pfs) implementation in
QEMU. When a local user in the guest writes an executable file with SUID or
SGID, none of these privileged bits are correctly dropped. As a result, in
rare circumstances, this flaw could be used by malicious users in the guest
to elevate their privileges within the guest and help a host local user to
elevate privileges on the host.
Author | Note |
---|---|
Priority reason: Low severity issue, guest user could help host user escalate privileges | |
mdeslaur | as of 2024-06-17, there is no upstream fix for this issue (The commits on May 12th and May 22nd are mistagged) |
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
5.7 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
5.1%