A potential host privilege escalation issue was found in the virtio-fs shared file system daemon (virtiofsd) of the QEMU. Virtio-fs daemon shares the host directory tree with a guest VM. The said privilege escalation scenario may occur if a privileged guest user was to create device special file in the shared directory and use it to r/w access host devices. A privileged guest user may use this flaw to arbitrarily access (r/w) host files resulting in DoS scenario or may potentially escalate privileges on the host.
A potential host privilege escalation issue was found in the virtio-fs shared file system daemon (virtiofsd) of the QEMU. Virtio-fs daemon shares the host directory tree with a guest VM. The said privilege escalation scenario may occur if a privileged guest user was to create device special file in the shared directory and use it to r/w access host devices. A privileged guest user may use this flaw to arbitrarily access (r/w) host files resulting in DoS scenario or may potentially escalate privileges on the host.
https://www.openwall.com/lists/oss-security/2021/01/22/1 https://lists.gnu.org/archive/html/qemu-devel/2021-01/msg05461.html
Vulmon