KubeVirt contains a logic flaw in its hostDisk handling that can allow a VM to cause the node to read or be forced to write arbitrary host files — a high-severity host-file access bug tracked as CVE-2025-64324 and patched in the 1.6.1 and 1.7.0 releases.
Background / Overview
KubeVirt is an...
