Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A flaw was found in the way qemu v1.3.0 and later (virtio-rng) validates addresses when guest accesses the config space of a virtio device. If the virtio device has zero/small sized config space, such as virtio-rng, a privileged guest user could use this flaw to access the matching host's qemu address space and thus increase their privileges on the host.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
QEMU 权限许可和访问控制漏洞
Vulnerability Description
QEMU(Quick Emulator)是法国法布里斯-贝拉(Fabrice Bellard)软件开发者的一套模拟处理器软件。该软件具有速度快、跨平台等特点。 QEMU中存在权限许可和访问控制漏洞。本地攻击者可利用该漏洞在主机操作系统上获得提权,成功的利用将导致完全控制受影响计算机。
CVSS Information
N/A
Vulnerability Type
N/A