The Gentoo net-misc/vde package before version 2.3.2-r4 may allow members of the "qemu" group to gain root privileges by creating a hard link in a directory on which "chown" is called recursively by the OpenRC service script.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-732,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| vde_project | vde | * |