A race condition flaw was found in the 9pfs server implementation of QEMU up to and including 5.2.0. This flaw allows a malicious 9p client to cause a use-after-free error, potentially escalating their privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity as well as system availability.
The product checks the state of a resource before using that resource, but the resource's state can change between the check and the use in a way that invalidates the results of the check. This can cause the product to perform invalid actions when the resource is in an unexpected state.
The product contains a concurrent code sequence that requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence operating concurrently.
| Link | Tags |
|---|---|
| https://www.zerodayinitiative.com/advisories/ZDI-21-159/ | third party advisory vdb entry |
| https://lists.debian.org/debian-lts-announce/2021/02/msg00024.html | third party advisory mailing list |
| https://bugzilla.redhat.com/show_bug.cgi?id=1927007 | patch third party advisory issue tracking |
| https://security.netapp.com/advisory/ntap-20210720-0009/ | third party advisory |
| https://lists.debian.org/debian-lts-announce/2022/09/msg00008.html | third party advisory mailing list |