Vzctl
Monthly
vzctl before 4.9.4 determines the virtual environment (VE) layout based on the presence of root.hdd/DiskDescriptor.xml in the VE private directory, which allows local simfs container (CT) root users. Rated low severity (CVSS 3.6), this vulnerability is low attack complexity. Public exploit code available.
vzctl before 4.9.4 determines the virtual environment (VE) layout based on the presence of root.hdd/DiskDescriptor.xml in the VE private directory, which allows local simfs container (CT) root users. Rated low severity (CVSS 3.6), this vulnerability is low attack complexity. Public exploit code available.