Security News

Cybersecurity news aggregator

HIGH Vulnerabilities Ubuntu Security

USN-8172-1: kvmtool vulnerabilities

Two vulnerabilities in kvmtool allow a malicious guest VM to compromise the host: a high-severity memory management flaw (CVE-2021-45464, CVSS 8.8) that can lead to a host crash or code execution, and a medium-severity flaw in 9p filesystem handling (CVE-2023-2861, CVSS 6.0) that allows escape from the exported tree and code execution on the host. NVD data indicates that CVE-2023-2861 affects QEMU versions prior to 8.1.0, the version in which it is fixed.

It was discovered that kvmtool did not properly manage memory under certain circumstances. A malicious guest attacker could use this issue to cause kvmtool to crash, leading to a denial of service, or possibly execute arbitrary code on the host system. (CVE-2021-45464)

It was discovered that kvmtool incorrectly handled the 9p passthrough file system. A malicious guest attacker could possibly use this issue to open special files, escape the exported 9p tree, and execute arbitrary code on the host system. (CVE-2023-2861)
