Lucene search

K
redosRedosROS-20220324-02
HistoryMar 24, 2022 - 12:00 a.m.

ROS-20220324-02

2022-03-2400:00:00
redos.red-soft.ru
12

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

0.0004 Low

EPSS

Percentile

5.1%

A vulnerability in the QEMU emulator is related to an incorrect implementation of the QEMU shared file system daemon
virtio-fs (virtiofsd). Exploitation of the vulnerability could allow an attacker, in a guest OS, to create files
in directories shared by virtio-fs, with unintended group ownership in a scenario where the
directory has an SGID for a particular group and is writable by a user who is not a
group member

OSVersionArchitecturePackageVersionFilename
redos7.3x86_64qemu<= 6.1.0-8UNKNOWN

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

0.0004 Low

EPSS

Percentile

5.1%