Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Malicious HTTP requests could close arbitrary opening file descriptors in cloud-hypervisor
Vulnerability Description
Cloud hypervisor is a Virtual Machine Monitor for Cloud workloads. This vulnerability allows users to close arbitrary open file descriptors in the Cloud Hypervisor process via sending malicious HTTP request through the HTTP API socket. As a result, the Cloud Hypervisor process can be easily crashed, causing Deny-of-Service (DoS). This can also be a potential Use-After-Free (UAF) vulnerability. Users require to have the write access to the API socket file to trigger this vulnerability. Impacted versions of Cloud Hypervisor include upstream main branch, v31.0, and v30.0. The vulnerability was initially detected by our `http_api_fuzzer` via oss-fuzz. This issue has been addressed in versions 30.1 and 31.1. Users unable to upgrade may mitigate this issue by ensuring the write access to the API socket file is granted to trusted users only.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:L
Vulnerability Type
关键功能的认证机制缺失
Vulnerability Title
Cloud hypervisor 资源管理错误漏洞
Vulnerability Description
Cloud hypervisor是Cloud hypervisor公司的适用于现代云工作负载的虚拟机监视器。 Cloud hypervisor存在访问控制错误漏洞,该漏洞源于允许用户通过HTTP API套接字发送恶意HTTP请求,攻击者利用该漏洞可以导致拒绝服务(DoS)。
CVSS Information
N/A
Vulnerability Type
N/A