Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:35250
HistoryApr 26, 2022 - 4:59 a.m.

Privilege Escalation

2022-04-2604:59:52
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
21

0.0004 Low

EPSS

Percentile

5.1%

qemu is vulnerable to privilege escalation. The vulnerability exists due to a lack of validation of authorization which allows an attacker to create files in the directories shared by virtio-fs with unintended group ownership in a scenario where a directory is SGID to a certain group and is writable by a user who is not a member of the group.