vulnerability
Oracle Linux: CVE-2022-0358: ELSA-2022-0886: virt:ol and virt-devel:rhel security update (MODERATE) (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 6 | (AV:L/AC:H/Au:S/C:C/I:C/A:C) | 2022-01-25 | 2022-03-17 | 2025-01-08 |
Severity
6
CVSS
(AV:L/AC:H/Au:S/C:C/I:C/A:C)
Published
2022-01-25
Added
2022-03-17
Modified
2025-01-08
Description
A flaw was found in the QEMU virtio-fs shared file system daemon (virtiofsd) implementation. This flaw is strictly related to CVE-2018-13405. A local guest user can create files in the directories shared by virtio-fs with unintended group ownership in a scenario where a directory is SGID to a certain group and is writable by a user who is not a member of the group. This could allow a malicious unprivileged user inside the guest to gain access to resources accessible to the root group, potentially escalating their privileges within the guest. A malicious local user in the host might also leverage this unexpected executable file created by the guest to escalate their privileges on the host system.
Solution(s)
oracle-linux-upgrade-hivexoracle-linux-upgrade-hivex-develoracle-linux-upgrade-libguestfsoracle-linux-upgrade-libguestfs-bash-completionoracle-linux-upgrade-libguestfs-benchmarkingoracle-linux-upgrade-libguestfs-develoracle-linux-upgrade-libguestfs-gfs2oracle-linux-upgrade-libguestfs-gobjectoracle-linux-upgrade-libguestfs-gobject-develoracle-linux-upgrade-libguestfs-inspect-iconsoracle-linux-upgrade-libguestfs-javaoracle-linux-upgrade-libguestfs-java-develoracle-linux-upgrade-libguestfs-javadocoracle-linux-upgrade-libguestfs-man-pages-jaoracle-linux-upgrade-libguestfs-man-pages-ukoracle-linux-upgrade-libguestfs-rescueoracle-linux-upgrade-libguestfs-rsyncoracle-linux-upgrade-libguestfs-toolsoracle-linux-upgrade-libguestfs-tools-coracle-linux-upgrade-libguestfs-winsupportoracle-linux-upgrade-libguestfs-xfsoracle-linux-upgrade-libiscsioracle-linux-upgrade-libiscsi-develoracle-linux-upgrade-libiscsi-utilsoracle-linux-upgrade-libnbdoracle-linux-upgrade-libnbd-develoracle-linux-upgrade-libvirtoracle-linux-upgrade-libvirt-adminoracle-linux-upgrade-libvirt-bash-completionoracle-linux-upgrade-libvirt-clientoracle-linux-upgrade-libvirt-daemonoracle-linux-upgrade-libvirt-daemon-config-networkoracle-linux-upgrade-libvirt-daemon-config-nwfilteroracle-linux-upgrade-libvirt-daemon-driver-interfaceoracle-linux-upgrade-libvirt-daemon-driver-networkoracle-linux-upgrade-libvirt-daemon-driver-nodedevoracle-linux-upgrade-libvirt-daemon-driver-nwfilteroracle-linux-upgrade-libvirt-daemon-driver-qemuoracle-linux-upgrade-libvirt-daemon-driver-secretoracle-linux-upgrade-libvirt-daemon-driver-storageoracle-linux-upgrade-libvirt-daemon-driver-storage-coreoracle-linux-upgrade-libvirt-daemon-driver-storage-diskoracle-linux-upgrade-libvirt-daemon-driver-storage-glusteroracle-linux-upgrade-libvirt-daemon-driver-storage-iscsioracle-linux-upgrade-libvirt-daemon-driver-storage-iscsi-directoracle-linux-upgrade-libvirt-daemon-driver-storage-logicaloracle-linux-upgrade-libvirt-daemon-driver-storage-mpathoracle-linux-upgrade-libvirt-daemon-driver-storage-rbdoracle-linux-upgrade-libvirt-daemon-driver-storage-scsioracle-linux-upgrade-libvirt-daemon-kvmoracle-linux-upgrade-libvirt-dbusoracle-linux-upgrade-libvirt-develoracle-linux-upgrade-libvirt-docsoracle-linux-upgrade-libvirt-libsoracle-linux-upgrade-libvirt-lock-sanlockoracle-linux-upgrade-libvirt-nssoracle-linux-upgrade-lua-guestfsoracle-linux-upgrade-nbdfuseoracle-linux-upgrade-nbdkitoracle-linux-upgrade-nbdkit-bash-completionoracle-linux-upgrade-nbdkit-basic-filtersoracle-linux-upgrade-nbdkit-basic-pluginsoracle-linux-upgrade-nbdkit-curl-pluginoracle-linux-upgrade-nbdkit-develoracle-linux-upgrade-nbdkit-example-pluginsoracle-linux-upgrade-nbdkit-gzip-pluginoracle-linux-upgrade-nbdkit-linuxdisk-pluginoracle-linux-upgrade-nbdkit-python-pluginoracle-linux-upgrade-nbdkit-serveroracle-linux-upgrade-nbdkit-ssh-pluginoracle-linux-upgrade-nbdkit-vddk-pluginoracle-linux-upgrade-nbdkit-xz-filteroracle-linux-upgrade-netcforacle-linux-upgrade-netcf-develoracle-linux-upgrade-netcf-libsoracle-linux-upgrade-ocaml-hivexoracle-linux-upgrade-ocaml-hivex-develoracle-linux-upgrade-ocaml-libguestfsoracle-linux-upgrade-ocaml-libguestfs-develoracle-linux-upgrade-ocaml-libnbdoracle-linux-upgrade-ocaml-libnbd-develoracle-linux-upgrade-perl-hivexoracle-linux-upgrade-perl-sys-guestfsoracle-linux-upgrade-perl-sys-virtoracle-linux-upgrade-python3-hivexoracle-linux-upgrade-python3-libguestfsoracle-linux-upgrade-python3-libnbdoracle-linux-upgrade-python3-libvirtoracle-linux-upgrade-qemu-guest-agentoracle-linux-upgrade-qemu-imgoracle-linux-upgrade-qemu-kvmoracle-linux-upgrade-qemu-kvm-block-curloracle-linux-upgrade-qemu-kvm-block-glusteroracle-linux-upgrade-qemu-kvm-block-iscsioracle-linux-upgrade-qemu-kvm-block-rbdoracle-linux-upgrade-qemu-kvm-block-sshoracle-linux-upgrade-qemu-kvm-commonoracle-linux-upgrade-qemu-kvm-coreoracle-linux-upgrade-qemu-kvm-testsoracle-linux-upgrade-ruby-hivexoracle-linux-upgrade-ruby-libguestfsoracle-linux-upgrade-seabiosoracle-linux-upgrade-seabios-binoracle-linux-upgrade-seavgabios-binoracle-linux-upgrade-sgabiosoracle-linux-upgrade-sgabios-binoracle-linux-upgrade-superminoracle-linux-upgrade-supermin-develoracle-linux-upgrade-virt-diboracle-linux-upgrade-virt-v2v
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.