47 matches found
EUVD-2021-19577
Malware in sbrugna...
EUVD-2021-19575
Malware in sbrugna...
EUVD-2021-19579
Malware in sbrugna...
EUVD-2021-19576
Malware in sbrugna...
CVE-2021-32843
HyperKit is a toolkit for embedding hypervisor capabilities in an application. In versions 0.20210107 and prior of HyperKit, virtio.c has is a call to vccfgread that does not check for null which when called makes the host crash. This issue may lead to a guest crashing the host causing a denial o...
CVE-2021-32846
HyperKit is a toolkit for embedding hypervisor capabilities in an application. In versions 0.20210107, function pcivtsockproctx in virtio-sock can lead to to uninitialized memory use. In this situation, there is a check for the return value to be less or equal to VTSOCKMAXSEGS, but that check is...
CVE-2021-32844
HyperKit is a toolkit for embedding hypervisor capabilities in an application. In versions 0.20210107 and prior of HyperKit, vipciwrite has is a call to vccfgwrite that does not check for null which when called makes the host crash. This issue may lead to a guest crashing the host causing a denia...
CVE-2021-32847
HyperKit is a toolkit for embedding hypervisor capabilities in an application. In versions 0.20210107 and prior, a malicious guest can trigger a vulnerability in the host by abusing the disk driver that may lead to the disclosure of the host memory into the virtualized guest. This issue is fixed ...
CVE-2021-32845
HyperKit is a toolkit for embedding hypervisor capabilities in an application. In versions 0.20210107 and prior of HyperKit, the implementation of qnotify at pcivtrndnotify fails to check the return value of vqgetchain. This leads to struct iovec iov; being uninitialized and used to read memory i...
Information Disclosure
github.com/moby/hyperkit is vulnerable to Information Disclosure. The vulnerability exists in the pcivtblkproc function of pcivirtioblock.c, which leads to the disclosure of host memory into the virtualized guest...
CVE-2021-32847
HyperKit is a toolkit for embedding hypervisor capabilities in an application. In versions 0.20210107 and prior, a malicious guest can trigger a vulnerability in the host by abusing the disk driver that may lead to the disclosure of the host memory into the virtualized guest. This issue is fixed ...
CVE-2021-32847
HyperKit is a toolkit for embedding hypervisor capabilities in an application. In versions 0.20210107 and prior, a malicious guest can trigger a vulnerability in the host by abusing the disk driver that may lead to the disclosure of the host memory into the virtualized guest. This issue is fixed ...
Design/Logic Flaw
HyperKit is a toolkit for embedding hypervisor capabilities in an application. In versions 0.20210107 and prior, a malicious guest can trigger a vulnerability in the host by abusing the disk driver that may lead to the disclosure of the host memory into the virtualized guest. This issue is fixed ...
CVE-2021-32847 Moby HyperKit uninitialized memory use in virtio-sock pci_vtsock_proc_tx
HyperKit is a toolkit for embedding hypervisor capabilities in an application. In versions 0.20210107 and prior, a malicious guest can trigger a vulnerability in the host by abusing the disk driver that may lead to the disclosure of the host memory into the virtualized guest. This issue is fixed ...
HyperKit 缓冲区错误漏洞
HyperKit is a Moby open source toolkit for embedding virtual machine monitor functionality in applications. A security vulnerability exists in HyperKit 0.20210107 and earlier versions, which stems from a vulnerability in the host computer that can be triggered by a malicious attacker through misu...
CVE-2021-32847 Moby HyperKit uninitialized memory use in virtio-sock pci_vtsock_proc_tx
HyperKit is a toolkit for embedding hypervisor capabilities in an application. In versions 0.20210107 and prior, a malicious guest can trigger a vulnerability in the host by abusing the disk driver that may lead to the disclosure of the host memory into the virtualized guest. This issue is fixed ...
PT-2023-1857 · Hyperkit · Hyperkit
Name of the Vulnerable Software and Affected Versions: HyperKit versions 0.20210107 and prior Description: The issue is related to a buffer overflow in memory, which can be exploited by a malicious guest to gain unauthorized access to protected information. This is achieved by abusing the disk...
CVE-2021-32847
HyperKit versions 0.20210107 and earlier are affected by a vulnerability in the disk driver that can cause host memory disclosure to a malicious guest. The issue is described as a memory-related flaw (uninitialized memory use) in the PCI virtio block path (pci_vtsock_proc_tx) and is associated wi...
CVE-2021-32846
HyperKit is a toolkit for embedding hypervisor capabilities in an application. In versions 0.20210107, function pcivtsockproctx in virtio-sock can lead to to uninitialized memory use. In this situation, there is a check for the return value to be less or equal to VTSOCKMAXSEGS, but that check is...
CVE-2021-32846
HyperKit is a toolkit for embedding hypervisor capabilities in an application. In versions 0.20210107, function pcivtsockproctx in virtio-sock can lead to to uninitialized memory use. In this situation, there is a check for the return value to be less or equal to VTSOCKMAXSEGS, but that check is...