Lucene search
K

4 matches found

OSV
OSV
added 2026/02/21 6:17 a.m.5 views

AZL-78282 CVE-2026-27211 affecting package cloud-hypervisor 48.0.246-1

Cloud Hypervisor is a Virtual Machine Monitor for Cloud workloads. Versions 34.0 through 50.0 arevulnerable to arbitrary host file exfiltration constrained by process privileges when using virtio-block devices backed by raw images. A malicious guest can overwrite its disk header with a crafted...

10CVSS5.7AI score0.005EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/02/21 5:36 a.m.23 views

CVE-2026-27211 Cloud Hypervisor: Host File Exfiltration via QCOW Backing File Abuse

Cloud Hypervisor is a Virtual Machine Monitor for Cloud workloads. Versions 34.0 through 50.0 arevulnerable to arbitrary host file exfiltration constrained by process privileges when using virtio-block devices backed by raw images. A malicious guest can overwrite its disk header with a crafted...

9.1CVSS0.005EPSS
Exploits1References7
OSV
OSV
added 2018/07/02 5:29 p.m.3 views

DEBIAN-CVE-2018-12892

An issue was discovered in Xen 4.7 through 4.10.x. libxl fails to pass the readonly flag to qemu when setting up a SCSI disk, due to what was probably an erroneous merge conflict resolution. Malicious guest administrators or in some situations users may be able to write to supposedly read-only di...

9.9CVSS9AI score0.02554EPSS
Exploits0References1
OSV
OSV
added 2015/10/01 8:59 p.m.4 views

UBUNTU-CVE-2015-7311

libxl in Xen 4.1.x through 4.6.x does not properly handle the readonly flag on disks when using the qemu-xen device model, which allows local guest users to write to a read-only disk image...

3.6CVSS7.2AI score0.00417EPSS
Exploits0References3
Rows per page
Query Builder