{"id":"CVE-2020-10717","details":"A potential DoS flaw was found in the virtio-fs shared file system daemon (virtiofsd) implementation of the QEMU version \u003e= v5.0. Virtio-fs is meant to share a host file system directory with a guest via virtio-fs device. If the guest opens the maximum number of file descriptors under the shared directory, a denial of service may occur. This flaw allows a guest user/process to cause this denial of service on the host.","modified":"2026-03-19T12:39:22.183823Z","published":"2020-05-04T21:15:11.880Z","related":["openSUSE-SU-2024:11287-1"],"references":[{"type":"ADVISORY","url":"https://lists.gnu.org/archive/html/qemu-devel/2020-05/msg00141.html"},{"type":"ADVISORY","url":"https://security.gentoo.org/glsa/202011-09"},{"type":"FIX","url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10717"},{"type":"FIX","url":"https://lists.gnu.org/archive/html/qemu-devel/2020-05/msg00143.html"},{"type":"FIX","url":"https://www.openwall.com/lists/oss-security/2020/05/04/1"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/qemu/qemu","events":[{"introduced":"fdd76fecdde1ad444ff4deb7f1c4f7e4a1ef97d6"},{"fixed":"386b2a5767f7642521cd07930c681ec8a6057e60"}],"database_specific":{"versions":[{"introduced":"5.0"},{"fixed":"5.0.1"}]}}],"versions":["v5.0.0"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-10717.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H"}]}