9 matches found
Fedora 43 : yelp (2026-7c3b91a2bc)
The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-7c3b91a2bc advisory. Yelp 49.1, fixing: Flatpak applications are able to exfiltrate host files due to yelp's CSP being too permissive Tenable has extracted the preceding...
Exploit for External Control of File Name or Path in Cloudhypervisor Cloud_Hypervisor
version Vulnerability CVE-2026-27211 Overview A CRITICA...
CVE-2026-27211
Cloud Hypervisor is a Virtual Machine Monitor for Cloud workloads. Versions 34.0 through 50.0 arevulnerable to arbitrary host file exfiltration constrained by process privileges when using virtio-block devices backed by raw images. A malicious guest can overwrite its disk header with a crafted...
AZL-78282 CVE-2026-27211 affecting package cloud-hypervisor 48.0.246-1
Cloud Hypervisor is a Virtual Machine Monitor for Cloud workloads. Versions 34.0 through 50.0 arevulnerable to arbitrary host file exfiltration constrained by process privileges when using virtio-block devices backed by raw images. A malicious guest can overwrite its disk header with a crafted...
CVE-2026-27211 Cloud Hypervisor: Host File Exfiltration via QCOW Backing File Abuse
Cloud Hypervisor is a Virtual Machine Monitor for Cloud workloads. Versions 34.0 through 50.0 arevulnerable to arbitrary host file exfiltration constrained by process privileges when using virtio-block devices backed by raw images. A malicious guest can overwrite its disk header with a crafted...
CVE-2026-27211
Cloud Hypervisor is a Virtual Machine Monitor for Cloud workloads. Versions 34.0 through 50.0 arevulnerable to arbitrary host file exfiltration constrained by process privileges when using virtio-block devices backed by raw images. A malicious guest can overwrite its disk header with a crafted...
CVE-2026-27211 Cloud Hypervisor: Host File Exfiltration via QCOW Backing File Abuse
Cloud Hypervisor is a Virtual Machine Monitor for Cloud workloads. Versions 34.0 through 50.0 arevulnerable to arbitrary host file exfiltration constrained by process privileges when using virtio-block devices backed by raw images. A malicious guest can overwrite its disk header with a crafted...
CVE-2026-27211 Cloud Hypervisor: Host File Exfiltration via QCOW Backing File Abuse
Cloud Hypervisor is a Virtual Machine Monitor for Cloud workloads. Versions 34.0 through 50.0 arevulnerable to arbitrary host file exfiltration constrained by process privileges when using virtio-block devices backed by raw images. A malicious guest can overwrite its disk header with a crafted...
CVE-2026-27211
Cloud Hypervisor (versions 34.0–50.0) is vulnerable to arbitrary host file exfiltration when using virtio-block devices backed by raw images. A malicious guest can overwrite a disk header with a crafted QCOW2 structure pointing to a sensitive host path; on the next VM boot or disk scan, image for...