1
2
3
4
5
6
7
8
9
10
11
12
13
|
<think>
Alright, I'm trying to classify this bug report about QEMU into one of the given categories. Let's see what the issue is.
The bug report mentions a vulnerability in TFTP where a guest can read arbitrary files on the Windows host. The problem arises because the code checks for path traversal using '/' but not '\', which is used in Windows paths. So, the current check isn't effective against backslashes, allowing the exploit.
Looking at the provided categories: mistranslation, assembly, other, device, graphic, socket, network, KVM, boot, vnc, debug, files, permissions, performance, kernel, peripherals, hypervisor.
The issue here is related to file handling and permissions. The TFTP server isn't properly restricting file access, leading to a security vulnerability where guests can read host files. This falls under the category of 'files' because it's about how files are accessed and handled.
I don't think it's 'mistranslation' because that's more about incorrect mapping from source to target. It's not related to network in a way that's beyond just file serving, so 'network' might be too broad. The issue is specifically about file access permissions.
</think>
files
|