Bugzilla – Bug 1161180
VUL-0: CVE-2020-7211: kvm,qemu: potential directory traversal using relative paths via tftp server on Windows host
Last modified: 2020-06-09 19:47:25 UTC
CVE-2020-7211

A potential directory traversal issue was found in the tftp server of the SLiRP user-mode networking implementation used by QEMU. It could occur on a Windows host, as it allows both forward slash ('/') and backslash ('\') tokens to be used as separators in a file path. A user able to access the tftp server could use this flaw to access undue files by using relative paths.

Upstream patch:
---------------
-> https://gitlab.freedesktop.org/slirp/libslirp/commit/14ec36e107a8c9af7d0a80c3571fe39b291ff1d4

Reference:
----------
-> https://www.openwall.com/lists/oss-security/2020/01/17/2

References:
https://bugzilla.redhat.com/show_bug.cgi?id=1792130
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-7211
http://seclists.org/oss-sec/2020/q1/15
https://gitlab.freedesktop.org/slirp/libslirp/commit/14ec36e107a8c9af7d0a80c3571fe39b291ff1d4
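The flaw described above is a filename check that only understood '/' as a separator while the Windows host also honoured '\'. The following is an added illustration of a separator-agnostic check, not the upstream libslirp code or the patch in the linked commit; the function name tftp_fname_is_safe is hypothetical, and it treats both separators as such on every platform rather than only on Windows.

```c
#include <ctype.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical validator for a TFTP request filename relative to the
 * served root. Both '/' and '\\' are treated as path separators, so a
 * "..\\" segment is rejected exactly like "../". Returns true if the
 * name stays inside the root and names a file (not a directory). */
bool tftp_fname_is_safe(const char *fname)
{
    size_t seg_len = 0;          /* length of the current path segment */

    if (fname == NULL || *fname == '\0')
        return false;
    /* Absolute paths and drive-letter prefixes ("C:") escape the root. */
    if (fname[0] == '/' || fname[0] == '\\')
        return false;
    if (isalpha((unsigned char)fname[0]) && fname[1] == ':')
        return false;

    for (const char *p = fname; ; p++) {
        char c = *p;
        if (c == '/' || c == '\\' || c == '\0') {
            /* A segment that is exactly ".." walks out of the root. */
            if (seg_len == 2 && p[-1] == '.' && p[-2] == '.')
                return false;
            if (c == '\0')
                return seg_len > 0;  /* trailing separator: not a file */
            seg_len = 0;
        } else {
            seg_len++;
        }
    }
}

int main(void)
{
    /* Constructed sample requests, one per separator style. */
    const char *names[] = { "boot/grub/grub.cfg", "../outside.txt",
                            "..\\outside.txt", "boot/..\\..\\outside.txt" };
    for (size_t i = 0; i < sizeof names / sizeof names[0]; i++)
        printf("%-26s %s\n", names[i],
               tftp_fname_is_safe(names[i]) ? "allowed" : "rejected");
    return 0;
}
```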
Tracked as affected the following:
kvm --> SLE11-SP1, SLE11-SP3
qemu --> SLE11, SLE12-SP1,2,3,4,5, SLE15, SLE15-SP1
The fix is specifically for a Windows build of qemu, and hence doesn't affect our products.