Unknown · Cloud Hypervisor · CVE-2026-27211
**Name of the Vulnerable Software and Affected Versions**
Cloud Hypervisor versions 34.0 through 50.0
**Description**
Cloud Hypervisor, a Virtual Machine Monitor for Cloud workloads, has an issue where a malicious guest can potentially access sensitive host files. This occurs when using virtio-block devices with raw images. The guest can modify its disk header to include a crafted QCOW2 structure that points to a sensitive file on the host system. When the VM boots or a disk scan occurs, the image format detection process can then serve the contents of the host file to the guest. A guest-initiated reboot is enough to trigger the disk scan. Exploitation requires the backing image to be writable by the guest or sourced from an untrusted location.
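A host-side check for the condition described above, as an added example that is not part of the original advisory or Cloud Hypervisor's code: it reads the first bytes of an image that is configured as raw and reports whether they parse as a QCOW2 header that names a backing file. It relies on the public QCOW2 header layout; the function names and the sample inputs, including the placeholder path, are constructed for illustration.

```python
import struct

QCOW2_MAGIC = b"QFI\xfb"  # first four bytes of every QCOW2 image
HEADER_FMT = ">4sIQI"     # magic, version, backing_file_offset, backing_file_size
HEADER_LEN = struct.calcsize(HEADER_FMT)  # 20 bytes, big-endian, no padding
MAX_BACKING_NAME = 1023   # QCOW2 format limit for the backing file name


def inspect_raw_image(data: bytes) -> dict:
    """Classify the leading bytes of a disk image that is configured as raw."""
    result = {"qcow2_header": False, "version": None, "backing_file": None}
    if len(data) < HEADER_LEN:
        return result
    magic, version, b_off, b_size = struct.unpack_from(HEADER_FMT, data)
    if magic != QCOW2_MAGIC:
        return result
    result["qcow2_header"] = True
    result["version"] = version
    # A non-zero offset means the header names a backing file on the host.
    if b_off and 0 < b_size <= MAX_BACKING_NAME:
        name = data[b_off:b_off + b_size]
        if len(name) == b_size:
            result["backing_file"] = name.decode("utf-8", "replace")
        else:
            result["backing_file"] = "<name outside inspected bytes>"
    elif b_off:
        result["backing_file"] = "<invalid backing file size>"
    return result


def inspect_path(path: str, read_len: int = 65536) -> dict:
    with open(path, "rb") as fh:
        return inspect_raw_image(fh.read(read_len))


def constructed_samples() -> dict:
    """Constructed inputs: header fields only, not bootable images."""
    name = b"/constructed/placeholder"
    hdr = struct.pack(HEADER_FMT, QCOW2_MAGIC, 3, 104, len(name))
    return {
        "plain-raw": bytes(512),
        "qcow2-no-backing": struct.pack(HEADER_FMT, QCOW2_MAGIC, 3, 0, 0).ljust(512, b"\0"),
        "qcow2-with-backing": hdr.ljust(104, b"\0") + name,
    }


if __name__ == "__main__":
    for label, blob in constructed_samples().items():
        print(label, inspect_raw_image(blob))
```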
**Recommendations**
Versions prior to 50.1 should be updated.
Enable Landlock sandboxing.
Restrict process privileges and access.