2 matches found
SUSE CVE-2011-2527
The changeprocessuid function in os-posix.c in Qemu 0.14.0 and earlier does not properly drop group privileges when the -runas option is used, which allows local guest users to access restricted files on the host...
qemu: when started as root, extra groups are not dropped correctly
Cause: qemu did not properly drop extra group privileges when started as root with the -runas commandline option. Consequence: extra GID's would give qemu elevated privileges to read or write files that the supplementary groups allowed, because qemu is still running with group root privileges. Fi...