A flaw was found in the 9p passthrough filesystem (9pfs) implementation in QEMU. The 9pfs server did not prohibit opening special files on the host side, potentially allowing a malicious client to escape from the exported 9p tree by creating and opening a device file in the shared folder.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: fedora
Published: 2023-12-06T06:19:40.625Z
Updated: 2024-08-02T06:33:05.791Z
Reserved: 2023-05-24T07:54:12.009Z
Link: CVE-2023-2861
Vulnrichment
Updated: 2024-08-02T06:33:05.791Z
NVD
Status : Modified
Published: 2023-12-06T07:15:41.430
Modified: 2024-11-21T07:59:26.520
Link: CVE-2023-2861
Redhat