70 matches found
PYSEC-2026-299 BoxLite: Permission Bypass Allows Modification of Read-Only Files
Summary Boxlite is a sandbox service that allows users to create lightweight virtual machines Boxes and launch OCI containers within them to run untrusted code. One of the core security features claimed by Boxlite is the ability to mount host directories in read-only mode readonly=True into the V...
GO-2026-5042 Kata guest escape: runtime-rs guest-root to host-root escape via virtiofs in github.com/kata-containers/kata-containers
Kata guest escape: runtime-rs guest-root to host-root escape via virtiofs in github.com/kata-containers/kata-containers...
Kata guest escape: runtime-rs guest-root to host-root escape via virtiofs
Summary In the runtime-rs standalone virtio-fs path, verified here with QEMU and verified with Cloud Hypervisor too, Kata Containers runs host virtiofsd as root with: --sandbox none --seccomp none If an attacker has root-equivalent execution inside the Kata guest VM, they can send raw FUSE reques...
CLSA-2026-1779375889 kernel: Fix of 95 CVEs
perf/x86/intel/uncore: Fix die ID init and look up bugs CVE-2026-43344 - x86/apic: Disable x2apic on resume if the kernel expects so CVE-2026-43363 - drm/amdgpu: Fix use-after-free race in VM acquire CVE-2026-43370 - dm: remove fake timeout to avoid leak request CVE-2026-43314 - md/bitmap: fix...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: fsdax: The infinite loop in daxiomaprw has been fixed. I encountered an infinite loop and a warning message when executing the tail command in virtiofs. Warning: CPU: 10; PID: 964; Location: fs/iomap/iter.c:34,...
Astra Linux – Vulnerability in Linux
In the Linux kernel, the following vulnerability has been resolved: virtiofs: fixed a memory leak in virtiofsprobe When the same tag was accidentally passed twice to qemu, kmemleak ended up reporting a memory leak in virtiofs. Additionally, looking at the log, I noticed the following error which...
RUSTSEC-2026-0147 Read-only volume remount bypass via guest CAP_SYS_ADMIN
Affected versions of boxlite mount host directories shared via virtiofs as guest-side read-only by setting MSRDONLY from the guest. Because the default guest capability set included CAPSYSADMIN, untrusted code running inside a sandbox could execute mount -o remount,rw to re-flag the share as...
Read-only volume remount bypass via guest CAP_SYS_ADMIN
Affected versions of boxlite mount host directories shared via virtiofs as guest-side read-only by setting MSRDONLY from the guest. Because the default guest capability set included CAPSYSADMIN, untrusted code running inside a sandbox could execute mount -o remount,rw to re-flag the share as...
PT-2026-42209
Name of the Vulnerable Software and Affected Versions Boxlite versions prior to 0.9.0 Description Boxlite is a sandbox service that allows users to create lightweight virtual machines and launch OCI containers to run untrusted code. The software fails to properly enforce read-only mounts for host...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: virtiofs: added a check for the filesystem context source name In certain scenarios, for example during fuzz testing, the source name may be NULL, which could lead to a kernel panic. Therefore, an additional check for the source...
ROS-20260126-73-0053
A vulnerability in the virtiofs component of the Linux operating system kernel is related to improper validation of a function's return value. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
Azure Linux 3.0 Security Update: kernel (CVE-2025-37773)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-37773 advisory. - In the Linux kernel, the following vulnerability has been resolved: virtiofs: add filesystem context source...
EUVD-2024-51891
Malicious code in bioql PyPI...
EUVD-2025-13040
Malicious code in bioql PyPI...
virtiofs: use pages instead of pointer for kernel direct IO
...
Linux Distros Unpatched Vulnerability : CVE-2025-37773
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - virtiofs: add filesystem context source name check In certain scenarios, for example, during fuzz testing, the source name may be NULL, which could lead to a...
Linux Distros Unpatched Vulnerability : CVE-2021-46956
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: virtiofs: fix memory leak in virtiofsprobe When accidentally passing twice the same tag to...
virtiofs: add filesystem context source name check
...
Amazon Linux 2 : kernel (ALASKERNEL-5.15-2025-079)
The version of kernel installed on the remote host is prior to 5.15.182-123.190. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.15-2025-079 advisory. In the Linux kernel, the following vulnerability has been resolved: media: streamzap: fix race between...
SUSE CVE-2025-37773
In the Linux kernel, the following vulnerability has been resolved: virtiofs: add filesystem context source name check In certain scenarios, for example, during fuzz testing, the source name may be NULL, which could lead to a kernel panic. Therefore, an extra check for the source name should be...