The Gentoo net-misc/vde package before version 2.3.2-r4 may allow members of the "qemu" group to gain root privileges by creating a hard link in a directory on which "chown" is called recursively by the OpenRC service script.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2017-11-06T23:00:00

Updated: 2024-08-05T20:27:04.404Z

Reserved: 2017-11-06T00:00:00

Link: CVE-2017-16638

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2017-11-06T23:29:00.297

Modified: 2024-11-21T03:16:44.053

Link: CVE-2017-16638

cve-icon Redhat

No data.