Search CVE reports
1 – 2 of 2 results
Some fixes available 7 of 8
A flaw was found in the 9p passthrough filesystem (9pfs) implementation in QEMU. The 9pfs server did not prohibit opening special files on the host side, potentially allowing a malicious client to escape from the exported 9p tree...
2 affected packages
qemu, kvmtool
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| qemu | — | Not affected | Fixed | Fixed | Ignored |
| kvmtool | — | Not in release | Fixed | Fixed | Fixed |
Some fixes available 4 of 6
kvmtool through 39181fc allows an out-of-bounds write, related to virtio/balloon.c and virtio/pci.c. This allows a guest OS user to execute arbitrary code on the host machine.
1 affected package
kvmtool
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| kvmtool | — | Not in release | Fixed | Fixed | Fixed |