Moby HyperKit uninitialized memory use in virtio-sock pci_vtsock_proc_tx
CVE-2021-32847
7.1HIGH
What is CVE-2021-32847?
HyperKit is a powerful toolkit that enables embedding hypervisor capabilities within applications. A vulnerability exists in versions 0.20210107 and earlier where a malicious guest could exploit the disk driver, potentially allowing it to access the host's memory. This is a significant security concern as it may lead to unauthorized information disclosure from the host to the guest system. This issue has been addressed in a subsequent fix, enhancing the security posture of the product.
Affected Version(s)
hyperkit 0.20210107