2 matches found
BELL-CVE-2023-1386
Bulletin has no description...
CVE-2023-1386
The CVE-2023-1386 entry describes a vulnerability in QEMU’s 9p passthrough filesystem (9pfs). The root cause is that when a local guest user writes an executable with SUID/SGID, the privileged bits are not dropped, enabling potential privilege escalation within the guest and potentially aiding a ...