CVE-2017-7471 (retired)

Priority
Description
Quick Emulator (Qemu) built with the VirtFS, host directory sharing via
Plan 9 File System (9pfs) support, is vulnerable to an improper access
control issue. It could occur while accessing files on a shared host
directory. A privileged user inside guest could use this flaw to access
host file system beyond the shared folder and potentially escalating their
privileges on a host.
Notes
 ratliff> the conversion to at*() syscalls is not in yakkety/zesty
Package
Source: qemu (LP Ubuntu Debian)
Upstream:needs-triage
Ubuntu 14.04 LTS (Trusty Tahr):not-affected
Ubuntu 16.04 LTS (Xenial Xerus):not-affected
Package
Upstream:needs-triage
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
More Information

Updated: 2019-03-26 12:26:21 UTC (commit ccdecfcf0fead22bd291e5f4ea745a46872dcb15)