CVE-2020-35517 - OpenCVE

A flaw was found in qemu. A host privilege escalation issue was found in the virtio-fs shared file system daemon where a privileged guest user is able to create a device special file in the shared directory and use it to r/w access host devices.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required High

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:L/AC:L/Au:N/C:P/I:P/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Qemu	Qemu
Redhat	Advanced Virtualization Enterprise Linux

Configuration 1 [-]

cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*

Package	CPE	Advisory	Released Date
Advanced Virtualization for RHEL 8.2.1
virt:8.2-8020120210211153838.863bb0db	cpe:/a:redhat:advanced_virtualization:8.2::el8	RHSA-2021:0743	2021-03-08T00:00:00Z
virt-devel:8.2-8020120210211153838.863bb0db	cpe:/a:redhat:advanced_virtualization:8.2::el8	RHSA-2021:0743	2021-03-08T00:00:00Z
Advanced Virtualization for RHEL 8.3.1
virt:8.3-8030120210211160750.71132145	cpe:/a:redhat:advanced_virtualization:8.3::el8	RHBA-2021:0639	2021-02-22T00:00:00Z
virt-devel:8.3-8030120210211160750.71132145	cpe:/a:redhat:advanced_virtualization:8.3::el8	RHBA-2021:0639	2021-02-22T00:00:00Z
Red Hat Enterprise Linux 8
virt-devel:rhel-8030020210210212009.229f0a1c	cpe:/a:redhat:enterprise_linux:8	RHSA-2021:0711	2021-03-03T00:00:00Z
virt:rhel-8030020210210212009.229f0a1c	cpe:/a:redhat:enterprise_linux:8	RHSA-2021:0711	2021-03-03T00:00:00Z

References

Link	Providers
https://bugzilla.redhat.com/show_bug.cgi?id=1915823
https://github.com/qemu/qemu/commit/ebf101955ce8f8d72fba103b5151115a4335de2c
https://lists.gnu.org/archive/html/qemu-devel/2021-01/msg05461.html
https://nvd.nist.gov/vuln/detail/CVE-2020-35517
https://security.gentoo.org/glsa/202208-27
https://security.netapp.com/advisory/ntap-20210312-0002/
https://virtio-fs.gitlab.io/
https://www.cve.org/CVERecord?id=CVE-2020-35517
https://www.openwall.com/lists/oss-security/2021/01/22/1

History

No history.

MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2021-01-28T19:13:54

Updated: 2024-08-04T17:02:08.231Z

Reserved: 2020-12-17T00:00:00

Link: CVE-2020-35517

Vulnrichment

No data.

NVD

Status : Modified

Published: 2021-01-28T20:15:12.913

Modified: 2023-02-12T23:41:03.483

Link: CVE-2020-35517

Redhat

Severity : Important

Publid Date: 2021-01-21T00:00:00Z

Links: CVE-2020-35517 - Bugzilla

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required High

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

Affected Vendors & Products

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required High

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object