OpenVZ Critical Vulnerability


    OpenVZ simfs container restrictions bypass - CVE-2014-3519.

    It is possible to access files outside your container.

    The open_by_handle_at () function allows you to access files on a mounted file system using the file_handle structure.

    This allows an attacker to bypass simfs restrictions and gain access to all files on the main file system, including other virtual machines located on the same file system.

    Read more:

    OpenVZ simfs container filesystem breakout

    CU-2.6.32-042stab090.5 Parallels Virtuozzo Containers 4.7 Core Update


    Also popular now: