CVE-2021-32847

Moby HyperKit uninitialized memory use in virtio-sock pci_vtsock_proc_tx

CVSS 7.1 HIGHEPSS 0.4%CWE-125

In short

A malicious guest operating system can exploit a flaw in HyperKit's disk driver to read sensitive memory from the host machine. This allows attackers running inside a virtual machine to steal confidential data from the host system.

Technical detail

An uninitialized memory vulnerability in the virtio-sock PCI device handler (pci_vtsock_proc_tx) allows a guest with disk access to trigger information disclosure of host memory. The attack requires the attacker to control the guest OS and leverage the disk driver interface; successful exploitation results in confidentiality breach of host memory contents.

Summary generated and translated by AI from the official description.

HyperKit is a toolkit for embedding hypervisor capabilities in an application. In versions 0.20210107 and prior, a malicious guest can trigger a vulnerability in the host by abusing the disk driver that may lead to the disclosure of the host memory into the virtualized guest. This issue is fixed in commit cf60095a4d8c3cb2e182a14415467afd356e982f.

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N

Affected products

moby · hyperkit

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/moby/hyperkit/blob/2f061e447e1435cdf1b9eda364cea6414f2c606b/src/lib/pci_virtio_block.c#L316 https://github.com/moby/hyperkit/commit/cf60095a4d8c3cb2e182a14415467afd356e982f https://securitylab.github.com/advisories/GHSL-2021-058-moby-hyperkit/