CVE-2026-27211
中文标题:
(暂无数据)
英文标题:
Cloud Hypervisor: Host File Exfiltration via QCOW Backing File Abuse
漏洞描述
中文描述:
(暂无数据)
英文描述:
Cloud Hypervisor is a Virtual Machine Monitor for Cloud workloads. Versions 34.0 through 50.0 arevulnerable to arbitrary host file exfiltration (constrained by process privileges) when using virtio-block devices backed by raw images. A malicious guest can overwrite its disk header with a crafted QCOW2 structure pointing to a sensitive host path. Upon the next VM boot or disk scan, the image format auto-detection parses this header and serves the host file's contents to the guest. Guest-initiated VM reboots are sufficient to trigger a disk scan and do not cause the Cloud Hypervisor process to exit. Therefore, a single VM can perform this attack without needing interaction from the management stack. Successful exploitation requires the backing image to be either writable by the guest or sourced from an untrusted origin. Deployments utilizing only trusted, read-only images are not affected. This issue has been fixed in version 50.1. To workaround, enable land lock sandboxing and restrict process privileges and access.
CWE类型:
标签:
受影响产品
| 厂商 | 产品 | 版本 | 版本范围 | 平台 | CPE |
|---|---|---|---|---|---|
| cloud-hypervisor | cloud-hypervisor | >= 34.0, < 50.1 | - | - |
cpe:2.3:a:cloud-hypervisor:cloud-hypervisor:>=_34.0,_<_50.1:*:*:*:*:*:*:*
|
| cloudhypervisor | cloud_hypervisor | * | - | - |
cpe:2.3:a:cloudhypervisor:cloud_hypervisor:*:*:*:*:*:rust:*:*
|
解决方案
中文解决方案:
英文解决方案:
临时解决方案:
参考链接
cve.org
cve.org
cve.org
cve.org
cve.org
cve.org
cve.org
CVSS评分详情
4.0 (cna)
CRITICALCVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:H/SI:H/SA:H
时间信息
利用信息
数据源详情
| 数据源 | 记录ID | 版本 | 提取时间 |
|---|---|---|---|
| CVE | cve_CVE-2026-27211 |
2026-02-22 03:19:44 | 2026-02-21 22:00:00 |
| NVD | nvd_CVE-2026-27211 |
2026-02-22 02:00:04 | 2026-02-21 22:00:01 |
版本与语言
安全公告
变更历史
查看详细变更
- affected_products_count: 1 -> 2
查看详细变更
- data_sources: ['cve'] -> ['cve', 'nvd']