3 matches found
CVE-2023-32684
Lima launches Linux virtual machines, typically on macOS, for running containerd. Prior to version 0.16.0, a virtual machine instance with a malicious disk image could read a single file on the host filesystem, even when no filesystem is mounted from the host. The official templates of Lima and t...
CVE-2023-32684 In Lima, a malicious disk image could read a single file on the host filesystem as a qcow2/vmdk backing file
Lima launches Linux virtual machines, typically on macOS, for running containerd. Prior to version 0.16.0, a virtual machine instance with a malicious disk image could read a single file on the host filesystem, even when no filesystem is mounted from the host. The official templates of Lima and t...
CVE-2023-32684
Lima (Linux VMs on macOS) prior to v0.16.0 allowed a malicious disk image to read a single host file via a qcow2/vmdk backing file path embedded in the image. It relies on the backing file path string from the instance directory, but Lima does not run as root, limiting full-disk access. The issue...