CVE-2016-9602

Published: Apr 26, 2018Modified: Nov 21, 2024

8.8

Vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 2.8 / Impact: 5.9

Source: NVD

Description

Qemu before version 2.9 is vulnerable to an improper link following when built with the VirtFS. A privileged user inside guest could use this flaw to access host file system beyond the shared folder and potentially escalating their privileges on a host.

Affected (2)

Products: Qemu: Qemu · Debian: Debian Linux

1 product

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Qemu Qemu	Before 2.9

Configuration B

1 vulnerable

Vulnerable Software	Affected Versions
Debian Debian Linux	Version 8.0

Related CWEs

Improper Link Resolution Before File Access ('Link Following')

The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.

References (16)

http://www.openwall.com/lists/oss-security/2017/01/17/12

Source: secalert@redhat.com

Mailing ListThird Party Advisory

http://www.securityfocus.com/bid/95461

Source: secalert@redhat.com

Third Party AdvisoryVDB Entry

http://www.securitytracker.com/id/1037604

Source: secalert@redhat.com

Third Party AdvisoryVDB Entry

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-9602

Source: secalert@redhat.com

Issue TrackingThird Party Advisory

https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html

Source: secalert@redhat.com

Mailing ListThird Party Advisory

https://lists.gnu.org/archive/html/qemu-devel/2017-01/msg06225.html

Source: secalert@redhat.com

Mailing ListThird Party Advisory

https://lists.gnu.org/archive/html/qemu-devel/2017-02/msg04347.html

Source: secalert@redhat.com

Mailing ListThird Party Advisory

https://security.gentoo.org/glsa/201704-01

Source: secalert@redhat.com

Third Party Advisory

http://www.openwall.com/lists/oss-security/2017/01/17/12

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

http://www.securityfocus.com/bid/95461

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

http://www.securitytracker.com/id/1037604

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-9602

Source: af854a3a-2127-422b-91ae-364da2661108

Issue TrackingThird Party Advisory

https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

https://lists.gnu.org/archive/html/qemu-devel/2017-01/msg06225.html

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

https://lists.gnu.org/archive/html/qemu-devel/2017-02/msg04347.html

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

https://security.gentoo.org/glsa/201704-01

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

Timeline

No history available yet.