CVE-2016-9602 — Link Following in Qemu

CWE-59 — Link Following10 documents7 sources

Severity

8.8HIGHNVD

OSV5.5

EPSS

1.3%

top 20.23%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Qemu Debian Qemu Debian Linux

Timeline

PublishedApr 26

Latest updateMay 13

Description

Qemu before version 2.9 is vulnerable to an improper link following when built with the VirtFS. A privileged user inside guest could use this flaw to access host file system beyond the shared folder and potentially escalating their privileges on a host.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages4 packages

▶NVDqemu/qemu< 2.9

▶debiandebian/qemu< qemu 1:2.8+dfsg-3 (bookworm)

▶Debianqemu/qemu< 1:2.8+dfsg-3+3

▶Ubuntuqemu/qemu< 2.0.0+dfsg-2ubuntu1.33+1

Also affects: Debian Linux 8.0

🔴Vulnerability Details

GHSA

GHSA-43hg-r8gj-3mp9: Qemu before version 2↗2022-05-13

▶

OSV

CVE-2016-9602: Qemu before version 2↗2018-04-26

▶

OSV

qemu vulnerabilities↗2017-04-20

▶

📋Vendor Advisories

Ubuntu

QEMU vulnerabilities↗2017-04-25

▶

Ubuntu

QEMU vulnerabilities↗2017-04-20

▶

Red Hat

Qemu: 9p: virtfs allows guest to access host filesystem↗2017-01-17

▶

Debian

CVE-2016-9602: qemu - Qemu before version 2.9 is vulnerable to an improper link following when built w...↗2016

▶

💬Community

Bugzilla

CVE-2016-9602 Qemu: 9p: virtfs allows guest to access host filesystem [fedora-all]↗2017-01-17

▶

Bugzilla

CVE-2016-9602 Qemu: 9p: virtfs allows guest to access host filesystem↗2017-01-17

▶