Security Advisory

CVE-2023-2861

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-12-06 06:19:40

Last updated 2024-08-02 06:33:05

Assigner fedora

State PUBLISHED

Description

A flaw was found in the 9p passthrough filesystem (9pfs) implementation in QEMU. The 9pfs server did not prohibit opening special files on the host side, potentially allowing a malicious client to escape from the exported 9p tree by creating and opening a device file in the shared folder.

← Browse all CVEs View on cve.org ↗