2021-03-09 17:17:43
redhat
PUBLISHED
A flaw was found in the virtio-fs shared file system daemon (virtiofsd) of QEMU. The new xattrmap option may cause the security.capability xattr in the guest to not drop on file write, potentially leading to a modified, privileged executable in the guest. In rare circumstances, this flaw could be used by a malicious user to elevate their privileges within the guest.