Read-only volume remount bypass via guest CAP_SYS_ADMIN

Affected versions of boxlite mount host directories shared via virtiofs as guest-side read-only by setting MSRDONLY from the guest. Because the default guest capability set included CAPSYSADMIN, untrusted code running inside a sandbox could execute mount -o remount,rw to re-flag the share as...

openSUSE: Security Advisory for libvirt (openSUSE-SU-2013:0274-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...