155 matches found
CVE-2022-4450 affecting package cloud-hypervisor for versions less than 30.0-2
CVE-2022-4450 affecting package cloud-hypervisor for versions less than 30.0-2. An upgraded version of the package is available that resolves this issue...
AZL-25843 CVE-2023-28448 affecting package cloud-hypervisor for versions less than 30.0-2
Versionize is a framework for version tolerant serializion/deserialization of Rust data structures, designed for usecases that need fast deserialization times and minimal size overhead. An issue was discovered in the ‘Versionize::deserialize’ implementation provided by the ‘versionize’ crate for...
SUSE CVE-2020-2025
Kata Containers before 1.11.0 on Cloud Hypervisor persists guest filesystem changes to the underlying image file on the host. A malicious guest can overwrite the image file to gain control of all subsequent guest VMs. Since Kata Containers uses the same VM image file with all VMMs, this issue may...
AZL-13301 CVE-2023-0215 affecting package cloud-hypervisor for versions less than 30.0-2
The public API function BIOnewNDEF is a helper function used for streaming ASN.1 data via a BIO. It is primarily used internally to OpenSSL to support the SMIME, CMS and PKCS7 streaming capabilities, but may also be called directly by end user applications. The function receives a BIO from the...
AZL-13701 CVE-2023-0286 affecting package cloud-hypervisor for versions less than 30.0-2
There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1STRING but the public structure definition for GENERALNAME incorrectly specified the type of the x400Address field as ASN1TYPE. This field is subsequentl...
AZL-13347 CVE-2022-4450 affecting package cloud-hypervisor for versions less than 30.0-2
The function PEMreadbioex reads a PEM file from a BIO and parses and decodes the "name" e.g. "CERTIFICATE", any header data and the payload data. If the function succeeds then the "nameout", "header" and "data" arguments are populated with pointers to buffers containing the relevant decoded data...
AZL-13302 CVE-2022-4304 affecting package cloud-hypervisor for versions less than 30.0-2
A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a network in a Bleichenbacher style attack. To achieve a successful decryption an attacker would have to be able to send a very large number of trial messages fo...
AZL-42760 CVE-2022-37434 affecting package cloud-hypervisor-cvm for versions less than 38.0.72.2-1
zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call...
AZL-42715 CVE-2018-25032 affecting package cloud-hypervisor-cvm for versions less than 38.0.72.2-1
zlib before 1.2.12 allows memory corruption when deflating i.e., when compressing if the input has many distant matches...
AZL-42759 CVE-2018-25032 affecting package cloud-hypervisor-cvm for versions less than 38.0.72.2-1
zlib before 1.2.12 allows memory corruption when deflating i.e., when compressing if the input has many distant matches...
CVE-2020-2025
Kata Containers before 1.11.0 on Cloud Hypervisor persists guest filesystem changes to the underlying image file on the host. A malicious guest can overwrite the image file to gain control of all subsequent guest VMs. Since Kata Containers uses the same VM image file with all VMMs, this issue may...
CVE-2020-2025
Kata Containers before 1.11.0 on Cloud Hypervisor persists guest filesystem changes to the underlying image file on the host. A malicious guest can overwrite the image file to gain control of all subsequent guest VMs. Since Kata Containers uses the same VM image file with all VMMs, this issue may...
Design/Logic Flaw
Kata Containers before 1.11.0 on Cloud Hypervisor persists guest filesystem changes to the underlying image file on the host. A malicious guest can overwrite the image file to gain control of all subsequent guest VMs. Since Kata Containers uses the same VM image file with all VMMs, this issue may...
CVE-2020-2025
CVE-2020-2025 affects Kata Containers before 1.11.0 on Cloud Hypervisor. The issue lets a malicious guest persist or overwrite the underlying image file, potentially gaining control of subsequent VMs. Because Kata uses a shared VM image across VMMs, this may also impact QEMU and Firecracker based...
CVE-2020-2025 Kata Containers - Cloud Hypervisor guests persist filesystem changes to the underlying host image file
Kata Containers before 1.11.0 on Cloud Hypervisor persists guest filesystem changes to the underlying image file on the host. A malicious guest can overwrite the image file to gain control of all subsequent guest VMs. Since Kata Containers uses the same VM image file with all VMMs, this issue may...