This is fixed upstream by https://gitlab.freedesktop.org/slirp/libslirp/commit/14ec36e107a8c9af7d0a80c3571fe39b291ff1d4
--
You received this bug notification because you are a member of qemu-devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1812451

Title:
  In windows host, tftp arbitrary file read vulnerability

Status in QEMU:
  Fix Committed

Bug description:
  https://github.com/qemu/qemu/blob/master/slirp/tftp.c#L343

      if (!strncmp(req_fname, "../", 3) ||
          req_fname[strlen(req_fname) - 1] == '/' ||
          strstr(req_fname, "/../")) {
          tftp_send_error(spt, 2, "Access violation", tp);
          return;
      }

  There is a file path check to prevent escaping the tftp directory.
  But on Windows, file paths are separated by "\" (backslash).
  So a guest can read arbitrary files on a Windows host.

  This bug is a variant of CVE-2019-2553 - Directory traversal vulnerability.

To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1812451/+subscriptions
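
Added example (not part of the bug report, and not the upstream libslirp patch): the check quoted above next to a stricter, component-based check that treats both "/" and "\" as separators, run over constructed file names. The function names and the stricter policy are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* The check quoted in the bug report: only '/' counts as a separator.
 * (The len > 0 guard is added here so an empty name is handled safely.) */
static bool page_check_rejects(const char *req_fname)
{
    size_t len = strlen(req_fname);
    return !strncmp(req_fname, "../", 3) ||
           (len > 0 && req_fname[len - 1] == '/') ||
           strstr(req_fname, "/../") != NULL;
}

static bool is_sep(char c) { return c == '/' || c == '\\'; }

/* Hypothetical stricter check: split on '/' and '\\' and reject any ".."
 * component, an empty name, or a trailing separator. */
static bool strict_check_rejects(const char *name)
{
    size_t len = strlen(name);
    if (len == 0 || is_sep(name[len - 1]))
        return true;
    for (const char *p = name; *p; ) {
        const char *end = p;
        while (*end && !is_sep(*end))
            end++;                       /* [p, end) is one path component */
        if (end - p == 2 && p[0] == '.' && p[1] == '.')
            return true;
        p = *end ? end + 1 : end;        /* skip the separator, if any */
    }
    return false;
}

int main(void)
{
    /* Constructed sample names, not taken from the bug report. */
    const char *samples[] = { "pxelinux.cfg/default", "../secret.txt",
                              "..\\..\\secret.txt", "a/..\\b", "file..name" };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("%-24s page:%-7s strict:%s\n", samples[i],
               page_check_rejects(samples[i]) ? "reject" : "accept",
               strict_check_rejects(samples[i]) ? "reject" : "accept");
    return 0;
}
```

The backslash forms are accepted by the quoted check and rejected by the component-based one, while names that merely contain ".." inside a component are still allowed.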