Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Moby HyperKit uninitialized memory use in virtio-sock pci_vtsock_proc_tx
Vulnerability Description
HyperKit is a toolkit for embedding hypervisor capabilities in an application. In versions 0.20210107 and prior, a malicious guest can trigger a vulnerability in the host by abusing the disk driver that may lead to the disclosure of the host memory into the virtualized guest. This issue is fixed in commit cf60095a4d8c3cb2e182a14415467afd356e982f.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
Vulnerability Type
跨界内存读
Vulnerability Title
HyperKit 缓冲区错误漏洞
Vulnerability Description
HyperKit是Moby开源的一个用于在应用程序中嵌入虚拟机监控程序功能的工具包。 HyperKit 0.20210107及之前版本存在安全漏洞,该漏洞源于恶意攻击者可以通过滥用磁盘驱动器触发主机中的漏洞,可能会导致主机内存泄露。
CVSS Information
N/A
Vulnerability Type
N/A