CVE-2026-33711
CVE-2026-33711 affects Incus: the VM VGA screenshot path uses a predictable /tmp file (incus_screenshot_). If an attacker has local access and kernel protected_symlinks is disabled, they can pre-place symlinks to point to host files, cause truncation and ownership changes via the QEMU screenshot ...
CVE-2026-33711
Incus is a system container and virtual machine manager. Incus provides an API to retrieve VM screenshots. That API relies on a temporary file that QEMU writes the screenshot to; the file is then picked up and sent to the user prior to deletion. As versions prior to 6.23.0 use predictable...