| Vulnerability Name: | CVE-2022-0358 (CCN-224302) | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| Assigned: | 2022-01-25 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| Published: | 2022-01-25 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| Updated: | 2022-12-09 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| Summary: | A flaw was found in the QEMU virtio-fs shared file system daemon (virtiofsd) implementation. This flaw is strictly related to CVE-2018-13405. A local guest user can create files in the directories shared by virtio-fs with unintended group ownership in a scenario where a directory is SGID to a certain group and is writable by a user who is not a member of the group. This could allow a malicious unprivileged user inside the guest to gain access to resources accessible to the root group, potentially escalating their privileges within the guest. A malicious local user in the host might also leverage this unexpected executable file created by the guest to escalate their privileges on the host system. | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| CVSS v3 Severity: | 7.8 High (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) 6.8 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
6.1 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
6.1 Medium (REDHAT Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| CVSS v2 Severity: | 6.0 Medium (CCN CVSS v2 Vector: AV:L/AC:H/Au:S/C:C/I:C/A:C)
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| Vulnerability Type: | CWE-273 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| Vulnerability Consequences: | Gain Privileges | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| References: | Source: MITRE Type: CNA CVE-2022-0358 Source: secalert@redhat.com Type: Third Party Advisory secalert@redhat.com Source: CCN Type: Red Hat Bugzilla Bug 2044863 (CVE-2022-0358) CVE-2022-0358 QEMU: virtiofsd: potential privilege escalation via CVE-2018-13405 Source: secalert@redhat.com Type: Issue Tracking, Patch, Third Party Advisory secalert@redhat.com Source: XF Type: UNKNOWN qemu-cve20220358-priv-esc(224302) Source: secalert@redhat.com Type: Patch, Third Party Advisory secalert@redhat.com Source: CCN Type: qemu-devel Web site [PATCH] virtiofsd: Drop membership of all supplementary groups (CVE-2022 Source: secalert@redhat.com Type: Third Party Advisory secalert@redhat.com Source: CCN Type: Mend Vulnerability Database CVE-2022-0358 Source: CCN Type: QEMU Web site QEMU Source: CCN Type: SUSE Web site CVE-2022-0358 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| Vulnerable Configuration: | Configuration RedHat 1: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| Oval Definitions | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| |||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| BACK | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||