linux-kvm is vulnerable to privilege escalation. The vulnerability exists as the rbd
block device driver in drivers/block/rbd.c
used incomplete permission checking for access to rbd
devices, which could be leveraged by local attackers to map or unmap rbd block devices.
lists.opensuse.org/opensuse-security-announce/2020-10/msg00001.html
lists.opensuse.org/opensuse-security-announce/2020-10/msg00021.html
git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f44d04e696feaf13d192d942c4f14ad2e117065a
git.launchpad.net/ubuntu-cve-tracker/tree/active/CVE-2020-25284
lists.debian.org/debian-lts-announce/2020/09/msg00025.html
lists.debian.org/debian-lts-announce/2020/10/msg00032.html
lists.debian.org/debian-lts-announce/2020/10/msg00034.html
twitter.com/grsecurity/status/1304537507560919041