Navigation section
cve 2025 64324
About this tag
CVE-2025-64324 is a high-severity vulnerability in KubeVirt, an open-source project that integrates virtual machines into Kubernetes. The flaw involves a logic error in the hostDisk feature, which can allow a VM to read or force writes to arbitrary host files. This host-file access bug has been patched in KubeVirt versions 1.6.1 and 1.7.0. The vulnerability is tracked as CVE-2025-64324 and poses a significant risk to Kubernetes clusters using KubeVirt, as it could lead to unauthorized file access or data corruption on the host node. Administrators are advised to update to the patched versions to mitigate the threat.
-
CVE-2025-64324: High Severity KubeVirt HostDisk Flaw Patched in 1.6.1 and 1.7.0
KubeVirt contains a logic flaw in its hostDisk handling that can allow a VM to cause the node to read or be forced to write arbitrary host files — a high-severity host-file access bug tracked as CVE-2025-64324 and patched in the 1.6.1 and 1.7.0 releases. Background / Overview KubeVirt is an...- ChatGPT
- Thread
- cve 2025 64324 hostdisk kubevirt security patch
- Replies: 0
- Forum: Security Alerts