CVE-2026-41567

CVE-2026-41567 affects Docker Engine and Moby earlier than 29.5.1 / moby/moby v2 before v2.0.0-beta.14. When uploading a compressed archive to a container via PUT /containers/{id}/archive or piping with docker cp -, the daemon resolves decompression binaries from the container filesystem rather t...

Astra Linux – Vulnerability in Qemu

A flaw was discovered in qemu. A host privilege escalation issue was identified in the virtio-fs shared file system daemon, where a privileged guest user is able to create a device-specific special file in the shared directory and use it to gain read/write access to host devices...

A flaw was found in the QEMU virtio-fs shared file system daemon (virtiofsd) implementation. This flaw is strictly related to CVE-2018-13405. A local guest user can create files in the directories shared by virtio-fs with unintended group ownership in a scenario where a directory is SGID to a certain group and is writable by a user who is not a member of the group. This could allow a malicious unprivileged user inside the guest to gain access to resources accessible to the root group potentially escalating their privileges within the guest. A malicious local user in the host might also leverage this unexpected executable file created by the guest to escalate their privileges on the host system.

...

CentOS 9 : qemu-kvm-6.1.0-3.el9

The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the qemu-kvm-6.1.0-3.el9 build changelog. - use-after-free during packet reassembly rhel-av-8 CVE-2019-15890 - A flaw was found in QEMU in the implementation of the Pointer...

SUSE CVE-2019-19580

An issue was discovered in Xen through 4.12.x allowing x86 PV guest OS users to gain host OS privileges by leveraging race conditions in pagetable promotion and demotion operations, because of an incomplete fix for CVE-2019-18421. XSA-299 addressed several critical issues in restartable PV type...

CVE-2020-35517

A flaw was found in qemu. A host privilege escalation issue was found in the virtio-fs shared file system daemon where a privileged guest user is able to create a device special file in the shared directory and use it to r/w access host devices...

Vulnerabilities fixed in VMware ESXi, Workstation and Fusion

VMWare has fixed two vulnerabilities in VMWare Workstation, ESXi and Fusion. A malicious person with authorization in a virtual environment could exploit the vulnerabilities to break out of the virtual environment and execute arbitrary code with the permissions of the virtualization process on th...

ALPINE-CVE-2020-25599

An issue was discovered in Xen through 4.14.x. There are evtchnreset race conditions. Uses of EVTCHNOPreset potentially by a guest on itself or XENDOMCTLsoftreset by itself covered by XSA-77 can lead to the violation of various internal assumptions. This may lead to out of bounds memory accesses ...

DEBIAN-CVE-2017-17045

An issue was discovered in Xen through 4.9.x allowing HVM guest OS users to gain privileges on the host OS, obtain sensitive information, or cause a denial of service BUG and host OS crash by leveraging the mishandling of Populate on Demand PoD Physical-to-Machine P2M errors...

ALPINE-CVE-2017-17045

An issue was discovered in Xen through 4.9.x allowing HVM guest OS users to gain privileges on the host OS, obtain sensitive information, or cause a denial of service BUG and host OS crash by leveraging the mishandling of Populate on Demand PoD Physical-to-Machine P2M errors...

CVE-2017-12136

Race condition in the grant table code in Xen 4.6.x through 4.9.x allows local guest OS administrators to cause a denial of service free list corruption and host crash or gain privileges on the host via vectors involving maptrack free list handling...

Debian DLA-571-1 : xen security update (Bunker Buster)

Multiple vulnerabilities have been discovered in the Xen hypervisor. The Common Vulnerabilities and Exposures project identifies the following problems : CVE-2014-3672 XSA-180 Andrew Sorensen discovered that a HVM domain can exhaust the hosts disk space by filling up the log file. CVE-2016-3158,...

Matrix42 Remote Control Host 3.20.0031 Privilege Escalation

Exploit Title: Matrix42 Remote Control Host - Unquoted Path Privilege Escalation Date: 06-05-2016 Exploit Author: Roland C. Redl Vendor Homepage: https://www.matrix42.com/ Software Link: n/a Version: 3.20.0031 Tested on: Windows 7 Enterprise SP1 x64 CVE : n/a 1. Description: sc qc...

qemu/kvm: i8254: out-of-bounds memory access in pit_ioport_read function

An out-of-bounds memory access flaw, leading to memory corruption or possibly an information leak, was found in QEMU's pitioportread function. A privileged guest user in a QEMU guest, which had QEMU PIT emulation enabled, could potentially, in rare cases, use this flaw to execute arbitrary code o...

NEW VMSA-2015-0005 : VMware Workstation, Player and Horizon View Client for Windows updates address a host privilege escalation vulnerability

------------------------------------------------------------------------ VMware Security Advisory Advisory ID: VMSA-2015-0005 Synopsis: VMware Workstation, Player and Horizon View Client for Windows updates address a host privilege escalation vulnerability Issue date: 2015-07-09 Updated on:...

kernel: vhost-net: insufficiency in handling of big packets in handle_rx()

drivers/vhost/net.c in the Linux kernel before 3.13.10, when mergeable buffers are disabled, does not properly validate packet lengths, which allows guest OS users to cause a denial of service memory corruption and host OS crash or possibly gain privileges on the host OS via crafted packets,...

VMware Player 5.x < 5.0.3 Host Privilege Escalation (VMSA-2013-0013)

The installed version of VMware Player 5.x running on Linux is earlier than 5.0.3. It therefore reportedly contains a vulnerability in its handling of shared libraries. This issue may allow a local, malicious user to escalate privileges to root on the host. C Tenable Network Security, Inc...

virt: VT-d (PCI passthrough) MSI trap injection

Xen 4.1 before 4.1.1 and 4.0 before 4.0.2, when using PCI passthrough on Intel VT-d chipsets that do not have interrupt remapping, allows guest OS users to gain host OS privileges by "using DMA to generate MSI interrupts by writing to the interrupt injection registers."...