13 matches found
Arbitrary File Read And Write
kubevirt.io/kubevirt is vulnerable to an Arbitrary file read and write. The vulnerability is due to a logic flaw in the hostDisk feature’s DiskOrCreate option, which allows an attacker to read and write arbitrary files owned by more privileged users on the host system...
CVE-2025-64324
KubeVirt is a virtual machine management add-on for Kubernetes. The hostDisk feature in KubeVirt allows mounting a host file or directory owned by the user with UID 107 into a VM. However, prior to version 1.6.1 and 1.7.0, the implementation of this feature and more specifically the DiskOrCreate...
SUSE CVE-2025-64324
KubeVirt is a virtual machine management add-on for Kubernetes. The hostDisk feature in KubeVirt allows mounting a host file or directory owned by the user with UID 107 into a VM. However, prior to version 1.6.1 and 1.7.0, the implementation of this feature and more specifically the DiskOrCreate...
CVE-2025-64324
KubeVirt is a virtual machine management add-on for Kubernetes. The hostDisk feature in KubeVirt allows mounting a host file or directory owned by the user with UID 107 into a VM. However, prior to version 1.6.1 and 1.7.0, the implementation of this feature and more specifically the DiskOrCreate...
AZL-70414 CVE-2025-64324 affecting package kubevirt for versions less than 1.6.3-1
KubeVirt is a virtual machine management add-on for Kubernetes. The hostDisk feature in KubeVirt allows mounting a host file or directory owned by the user with UID 107 into a VM. However, prior to version 1.6.1 and 1.7.0, the implementation of this feature and more specifically the DiskOrCreate...
AZL-70463 CVE-2025-64324 affecting package kubevirt for versions less than 0.59.0-31
KubeVirt is a virtual machine management add-on for Kubernetes. The hostDisk feature in KubeVirt allows mounting a host file or directory owned by the user with UID 107 into a VM. However, prior to version 1.6.1 and 1.7.0, the implementation of this feature and more specifically the DiskOrCreate...
CVE-2025-64324
KubeVirt’s hostDisk DiskOrCreate logic bug allows an attacker to read and write arbitrary files owned by more privileged users on the host, prior to fixes in 1.6.1 and 1.7.0. A patched version is available (e.g., 1.6.1/1.7.0); SUSE notes 1.6.3 as containing the fix.
CVE-2025-64324 KubeVirt Vulnerable to Arbitrary Host File Read and Write
KubeVirt is a virtual machine management add-on for Kubernetes. The hostDisk feature in KubeVirt allows mounting a host file or directory owned by the user with UID 107 into a VM. However, prior to version 1.6.1 and 1.7.0, the implementation of this feature and more specifically the DiskOrCreate...
CVE-2025-64324 KubeVirt Vulnerable to Arbitrary Host File Read and Write
KubeVirt is a virtual machine management add-on for Kubernetes. The hostDisk feature in KubeVirt allows mounting a host file or directory owned by the user with UID 107 into a VM. However, prior to version 1.6.1 and 1.7.0, the implementation of this feature and more specifically the DiskOrCreate...
CVE-2025-64324 KubeVirt Vulnerable to Arbitrary Host File Read and Write
KubeVirt is a virtual machine management add-on for Kubernetes. The hostDisk feature in KubeVirt allows mounting a host file or directory owned by the user with UID 107 into a VM. However, prior to version 1.6.1 and 1.7.0, the implementation of this feature and more specifically the DiskOrCreate...
Kubevirt 安全漏洞
Kubevirt is an open source virtual machine manager from KubeVirt. A security vulnerability exists in Kubevirt versions prior to 1.6.1 and prior to 1.7.0, which stems from a logic error in the hostDisk function that could result in reading and writing arbitrary files...
KubeVirt Vulnerable to Arbitrary Host File Read and Write
Summary The hostDisk feature in KubeVirt allows mounting a host file or directory owned by the user with UID 107 into a VM. However, the implementation of this feature and more specifically the DiskOrCreate option which creates a file if it doesn't exist, has a logic bug that allows an attacker t...
GHSA-46XP-26XH-HPQH KubeVirt Vulnerable to Arbitrary Host File Read and Write
Summary The hostDisk feature in KubeVirt allows mounting a host file or directory owned by the user with UID 107 into a VM. However, the implementation of this feature and more specifically the DiskOrCreate option which creates a file if it doesn't exist, has a logic bug that allows an attacker t...