---

CVE-2020-35517 - log back

CVE-2020-35517 edited at 29 Apr 2021 22:47:43
References	https://www.openwall.com/lists/oss-security/2021/01/22/1 - https://lists.gnu.org/archive/html/qemu-devel/2021-01/msg05461.html + https://git.qemu.org/?p=qemu.git;a=commitdiff;h=a3fdbbc7f271bff7d53d0501b29d910ece0b3789

CVE-2020-35517 edited at 22 Jan 2021 17:23:04
Severity	- Unknown + Medium
Remote	- Unknown + Local
Type	- Unknown + Privilege escalation
Description	+ A potential host privilege escalation issue was found in the virtio-fs shared file system daemon (virtiofsd) of the QEMU. Virtio-fs daemon shares the host directory tree with a guest VM. The said privilege escalation scenario may occur if a privileged guest user was to create device special file in the shared directory and use it to r/w access host devices. A privileged guest user may use this flaw to arbitrarily access (r/w) host files resulting in DoS scenario or may potentially escalate privileges on the host.
References	+ https://www.openwall.com/lists/oss-security/2021/01/22/1 + https://lists.gnu.org/archive/html/qemu-devel/2021-01/msg05461.html

CVE-2020-35517 created at 22 Jan 2021 17:20:51
Severity	+ Unknown
Remote	+ Unknown
Type	+ Unknown
Description
References
Notes