What is the vulnerability ID for this flaw?

The vulnerability ID for this flaw is CVE-2023-1386.

What is the severity level of CVE-2023-1386?

CVE-2023-1386 has a severity level of 7.8 (high).

What is the affected software for CVE-2023-1386?

The affected software for CVE-2023-1386 is QEMU and Fedora 38.

How can this vulnerability be exploited?

This vulnerability can be exploited by a local user in the guest writing an executable file with SUID or SGID.

Are there any fixes available for CVE-2023-1386?

Yes, fixes are available. Please refer to the provided references for more information.

Vulnerability/
CVE-2023-1386

high

7.8

CWE

281

19/7/2023

24/7/2023

17/4/2024

CVE-2023-1386: Qemu: 9pfs: suid/sgid bits not dropped on file write

First published: Wed Jul 19 2023(Updated: )

A flaw was discovered in 9pfs. Jietao Xiao and his team found that when a local user in the guest tries to write an executable file with SUID or SGID, none of these privileged bits are correctly dropped. As a result, in rare circumstances(exist an executable file owned by root, writable by others, has SUID/SGID bits), this flaw could be used by malicious users in the guest to elevate their privileges within the guest and help a host's local user to elevate privileges on the host. Upstream issue: <a href="https://github.com/v9fs/linux/issues/29">https://github.com/v9fs/linux/issues/29</a>

Credit: secalert@redhat.com secalert@redhat.com

Affected Software	Affected Version	How to fix
QEMU qemu
Fedoraproject Fedora	=38

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the vulnerability ID for this flaw?
The vulnerability ID for this flaw is CVE-2023-1386.
What is the severity level of CVE-2023-1386?
CVE-2023-1386 has a severity level of 7.8 (high).
What is the affected software for CVE-2023-1386?
The affected software for CVE-2023-1386 is QEMU and Fedora 38.
How can this vulnerability be exploited?
This vulnerability can be exploited by a local user in the guest writing an executable file with SUID or SGID.
Are there any fixes available for CVE-2023-1386?
Yes, fixes are available. Please refer to the provided references for more information.

collector/nvd-index
agent/author
agent/type
agent/softwarecombine
agent/first-publish-date
agent/weakness
agent/severity
agent/description
agent/event
collector/mitre-cve
source/MITRE
agent/title
agent/references
collector/redhat-bugzilla
source/Red Hat
alias/CVE-2023-1386
agent/last-modified-date
agent/tags
collector/nvd-latest
agent/software-canonical-lookup-request
collector/nvd-api
source/NVD
agent/software-canonical-lookup
vendor/qemu
canonical/qemu qemu
vendor/fedoraproject
canonical/fedoraproject fedora
version/fedoraproject fedora/38

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.