CVE-2020-35517 - log back

CVE-2020-35517 edited at 29 Apr 2021 22:47:43
References
https://www.openwall.com/lists/oss-security/2021/01/22/1
- https://lists.gnu.org/archive/html/qemu-devel/2021-01/msg05461.html
+ https://git.qemu.org/?p=qemu.git;a=commitdiff;h=a3fdbbc7f271bff7d53d0501b29d910ece0b3789
CVE-2020-35517 edited at 22 Jan 2021 17:23:04
Severity
- Unknown
+ Medium
Remote
- Unknown
+ Local
Type
- Unknown
+ Privilege escalation
Description
+ A potential host privilege escalation issue was found in the virtio-fs shared file system daemon (virtiofsd) of the QEMU. Virtio-fs daemon shares the host directory tree with a guest VM. The said privilege escalation scenario may occur if a privileged guest user was to create device special file in the shared directory and use it to r/w access host devices. A privileged guest user may use this flaw to arbitrarily access (r/w) host files resulting in DoS scenario or may potentially escalate privileges on the host.
References
+ https://www.openwall.com/lists/oss-security/2021/01/22/1
+ https://lists.gnu.org/archive/html/qemu-devel/2021-01/msg05461.html
CVE-2020-35517 created at 22 Jan 2021 17:20:51
Severity
+ Unknown
Remote
+ Unknown
Type
+ Unknown
Description
References
Notes