The Windows version of Multipass before 1.7.0 allowed any local process to connect to the localhost TCP control socket to perform mounts from the operating system to a guest, allowing for privilege escalation.
References
Link | Resource |
---|---|
https://github.com/canonical/multipass/pull/2150 | Patch Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: canonical
Published: 2021-07-01T00:00:00
Updated: 2021-10-01T02:35:19
Reserved: 2021-06-29T00:00:00
Link: CVE-2021-3626
JSON object: View
NVD Information
Status : Analyzed
Published: 2021-10-01T03:15:06.913
Modified: 2022-10-27T13:02:41.603
Link: CVE-2021-3626
JSON object: View
Redhat Information
No data.