Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A flaw was found in the virtio-fs shared file system daemon (virtiofsd) of QEMU. The new 'xattrmap' option may cause the 'security.capability' xattr in the guest to not drop on file write, potentially leading to a modified, privileged executable in the guest. In rare circumstances, this flaw could be used by a malicious user to elevate their privileges within the guest.
CVSS Information
N/A
Vulnerability Type
权限预留不恰当
Vulnerability Title
QEMU 安全漏洞
Vulnerability Description
QEMU(Quick Emulator)是法国法布里斯-贝拉(Fabrice Bellard)个人开发者的一套模拟处理器软件。该软件具有速度快、跨平台等特点。 QEMU 存在安全漏洞,攻击者可利用该漏洞可以通过QEMU的Virtiofsd Xattrmap选项绕过限制,从而提高在主机系统上的特权。
CVSS Information
N/A
Vulnerability Type
N/A