Vulnerability & Exploit Database

Displaying all 4 entries

Results for: CVE-2016-9602 Back to search

Ubuntu: (Multiple Advisories) (CVE-2016-9602): QEMU vulnerabilities Vulnerability

  • Severity: 9
  • Published: April 20, 2017

Qemu before version 2.9 is vulnerable to an improper link following when built with the VirtFS. A privileged user inside guest could use this flaw to access host file system beyond the shared folder and potentially escalating their privileges on a host.

SUSE: CVE-2016-9602: SUSE Linux Security Advisory Vulnerability

  • Severity: 9
  • Published: April 20, 2017

Qemu before version 2.9 is vulnerable to an improper link following when built with the VirtFS. A privileged user inside guest could use this flaw to access host file system beyond the shared folder and potentially escalating their privileges on a host.

Debian: CVE-2016-9602: qemu-kvm - security update Vulnerability

  • Severity: 9
  • Published: April 20, 2017

Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.

From USN-3261-1:

Zhenhao Hong discovered that QEMU incorrectly handled the Virtio GPU device. An attacker inside the guest could use this issue to cause QEMU t...

Gentoo Linux: CVE-2016-9602: QEMU: Multiple vulnerabilities Vulnerability

  • Severity: 9
  • Published: April 10, 2017

Qemu before version 2.9 is vulnerable to an improper link following when built with the VirtFS. A privileged user inside guest could use this flaw to access host file system beyond the shared folder and potentially escalating their privileges on a host.