Denial of Service Vulnerability in HyperKit by Moby
CVE-2021-32843
6.2MEDIUM
What is CVE-2021-32843?
HyperKit, a toolkit utilized for embedding hypervisor capabilities into applications, includes a vulnerability in the virtio.c
file. In versions 0.20210107 and earlier, a null check oversight in the vc_cfgread
function can lead to host crashes when invoked. This flaw may enable a guest to inadvertently create conditions that result in a denial of service, impairing the host's functionality. A fix has been implemented in commit df0e46c7dbfd81a957d85e449ba41b52f6f7beb4, addressing this critical issue.
Affected Version(s)
hyperkit 0.20210107