CVE-2023-0664

A flaw was found in the QEMU Guest Agent service for Windows. A local unprivileged user may be able to manipulate the QEMU Guest Agents Windows installer via repair custom actions to elevate their privileges on the system.

Weakness

The product performs an operation at a privilege level that is higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses.

Affected Software

Potential Mitigations

Related Attack Patterns

• https://cwe.mitre.org/data/definitions/104.html
• https://cwe.mitre.org/data/definitions/470.html
• https://cwe.mitre.org/data/definitions/69.html

References

• https://bugzilla.redhat.com/show_bug.cgi?id=2167423
• https://gitlab.com/qemu-project/qemu/-/commit/07ce178a2b0768eb9e712bb5ad0cf6dc7fcf0158
• https://gitlab.com/qemu-project/qemu/-/commit/88288c2a51faa7c795f053fc8b31b1c16ff804c5
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MURWGXDIF2WTDXV36T6HFJDBL632AO7R/
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SEOC7SRJWLZSXCND2ADFW6C76ZMTZLE4/
• https://lists.nongnu.org/archive/html/qemu-devel/2023-03/msg01445.html
• https://security.netapp.com/advisory/ntap-20230517-0005/
• https://bugzilla.redhat.com/show_bug.cgi?id=2167423
• https://gitlab.com/qemu-project/qemu/-/commit/07ce178a2b0768eb9e712bb5ad0cf6dc7fcf0158
• https://gitlab.com/qemu-project/qemu/-/commit/88288c2a51faa7c795f053fc8b31b1c16ff804c5
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MURWGXDIF2WTDXV36T6HFJDBL632AO7R/
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SEOC7SRJWLZSXCND2ADFW6C76ZMTZLE4/
• https://lists.nongnu.org/archive/html/qemu-devel/2023-03/msg01445.html
• https://security.netapp.com/advisory/ntap-20230517-0005/