CVE-2020-35517 log

Source
Severity Medium
Remote No
Type Privilege escalation
Description
A potential host privilege escalation issue was found in the virtio-fs shared  file system daemon (virtiofsd) of the QEMU. Virtio-fs daemon shares the host directory tree with a guest VM. The said privilege escalation scenario may occur if a privileged guest user was to create device special file in the shared directory and use it to r/w access host devices. A privileged guest user may use this flaw to arbitrarily access (r/w) host files resulting in DoS scenario or may potentially escalate privileges on the host.
Group Package Affected Fixed Severity Status Ticket
AVG-1308 qemu 5.2.0-3 Medium Vulnerable
References
https://www.openwall.com/lists/oss-security/2021/01/22/1
https://lists.gnu.org/archive/html/qemu-devel/2021-01/msg05461.html