漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Kubevirt: kubevirt: vm administration denial of service via guest agent
Vulnerability Description
A flaw was found in kubevirt. A user within a virtual machine (VM), if the guest agent is active, can exploit this by causing the agent to report an excessive number of network interfaces. This action can overwhelm the system's ability to store VM configuration updates, effectively blocking changes to the Virtual Machine Instance (VMI). This allows the VM user to restrict the VM administrator's ability to manage the VM, leading to a denial of service for administrative operations.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:L
Vulnerability Type
不加限制或调节的资源分配
Vulnerability Title
Kubevirt 安全漏洞
Vulnerability Description
Kubevirt是KubeVirt开源的一款虚拟机管理器。 Kubevirt存在安全漏洞,该漏洞源于虚拟机用户可导致代理报告过多网络接口,可能阻塞虚拟机配置更新,导致管理操作被拒绝服务。
CVSS Information
N/A
Vulnerability Type
N/A