CVE-2021-20263 — Improper Preservation of Permissions in Qemu

CWE-281 — Improper Preservation of Permissions5 documents5 sources

Severity

3.3LOWNVD

EPSS

0.1%

top 67.17%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Qemu Debian Qemu

Timeline

PublishedMar 9

Latest updateMay 24

Description

A flaw was found in the virtio-fs shared file system daemon (virtiofsd) of QEMU. The new 'xattrmap' option may cause the 'security.capability' xattr in the guest to not drop on file write, potentially leading to a modified, privileged executable in the guest. In rare circumstances, this flaw could be used by a malicious user to elevate their privileges within the guest.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:NExploitability: 1.8 | Impact: 1.4

Affected Packages4 packages

▶NVDqemu/qemu5.0.0 — 5.2.50

▶debiandebian/qemu< qemu 1:5.2+dfsg-9 (bookworm)

▶Debianqemu/qemu< 1:5.2+dfsg-9+3

▶CVEListV5qemu/qemuqemu 5.2.50

Patches

Patch: bugzilla.redhat.com ↗Patch: www.openwall.com ↗Patch: bugzilla.redhat.com ↗

🔴Vulnerability Details

GHSA

GHSA-349h-phx6-ghfj: A flaw was found in the virtio-fs shared file system daemon (virtiofsd) of QEMU↗2022-05-24

▶

OSV

CVE-2021-20263: A flaw was found in the virtio-fs shared file system daemon (virtiofsd) of QEMU↗2021-03-09

▶

📋Vendor Advisories

Red Hat

QEMU: virtiofsd: 'security.capabilities' is not dropped with xattrmap option↗2021-03-01

▶

Debian

CVE-2021-20263: qemu - A flaw was found in the virtio-fs shared file system daemon (virtiofsd) of QEMU....↗2021

▶