Bug 780816 (CVE-2020-35517) - <app-emulation/qemu-6.0.0: virtiofsd: potential privileged host device access from guest (CVE-2020-35517)
Summary: <app-emulation/qemu-6.0.0: virtiofsd: potential privileged host device access...
Status: UNCONFIRMED
Alias: CVE-2020-35517
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: Normal minor
Assignee: Gentoo Security
URL:
Whiteboard: B1 [stable blocked]
Keywords:
Depends on: CVE-2020-35504, CVE-2020-35505, CVE-2020-35506
Blocks:
Reported: 2021-04-07 12:08 UTC by Jannik Glückert
Modified: 2021-06-04 15:08 UTC

See Also:
Package list:
Runtime testing required: ---


Description Jannik Glückert 2021-04-07 12:08:28 UTC
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35517
Upstream patch: https://lists.gnu.org/archive/html/qemu-devel/2021-01/msg05461.html

A flaw was found in qemu. A host privilege escalation issue was found in the virtio-fs shared file system daemon where a privileged guest user is able to create a device special file in the shared directory and use it to r/w access host devices.

This is fixed in the to-be-released qemu-6.0.

The patch seems to be slightly malformed; lines 38 and 39 should be:

@@ -684,8 +707,7 @@ static void lo_setattr(fuse_req_t req, fuse_ino_t ino, struct stat *attr,
 int valid, struct fuse_file_info *fi)

With that it applies and builds fine.
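
An added example, not part of the bug report or of QEMU: a host-side audit that lists device special files inside a virtiofsd shared directory (the artifact the CVE description refers to) and checks whether the backing mount carries `nodev`. The `nodev` check is general mount hardening assumed here, not something the report mentions; the function names, the command-line argument and the sample mount table are constructed for illustration.

```python
import os
import stat
import sys

# Constructed /proc/mounts-style sample (not taken from the bug report).
SAMPLE_MOUNTS = (
    "/dev/sda1 / ext4 rw,relatime 0 0\n"
    "/dev/sdb1 /srv/vm ext4 rw,nodev,nosuid 0 0\n"
)

def device_kind(mode):
    """Classify an st_mode value: 'char', 'block', or None for anything else."""
    if stat.S_ISCHR(mode):
        return "char"
    if stat.S_ISBLK(mode):
        return "block"
    return None

def find_device_nodes(shared_dir):
    """List (path, kind, major, minor) for device special files under shared_dir."""
    hits = []
    for root, dirs, files in os.walk(shared_dir, followlinks=False):
        for name in dirs + files:
            path = os.path.join(root, name)
            try:
                st = os.lstat(path)  # lstat: never follow a symlink out of the tree
            except OSError:
                continue  # entry vanished while scanning
            kind = device_kind(st.st_mode)
            if kind:
                hits.append((path, kind, os.major(st.st_rdev), os.minor(st.st_rdev)))
    return hits

def mount_has_nodev(abs_path, mounts_text):
    """True if the longest mount point containing abs_path carries 'nodev'."""
    best, opts = "", []
    for line in mounts_text.splitlines():
        fields = line.split()
        if len(fields) < 4:
            continue
        mnt = fields[1]
        inside = abs_path == mnt or abs_path.startswith(mnt.rstrip("/") + "/")
        if inside and len(mnt) > len(best):
            best, opts = mnt, fields[3].split(",")
    return "nodev" in opts

if __name__ == "__main__":
    share = os.path.realpath(sys.argv[1])  # assumption: the directory exported by virtiofsd
    for path, kind, major, minor in find_device_nodes(share):
        print(f"{kind} device {major}:{minor} at {path}")
    with open("/proc/mounts") as fh:
        print("nodev on backing mount:", mount_has_nodev(share, fh.read()))
```

Run it on the host with the shared directory as the only argument; mount points containing spaces are escaped in /proc/mounts and are not handled here.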