CVE-2023-30612

Name of the Vulnerable Software and Affected Versions Cloud Hypervisor versions 30.0 through 31.0

Description This issue allows users to close arbitrary open file descriptors in the Cloud Hypervisor process via sending malicious HTTP requests through the HTTP API socket, potentially causing Deny-of-Service (DoS) and possibly a Use-After-Free (UAF) vulnerability. Users need write access to the API socket file to trigger this issue. The vulnerability was initially detected by the http api fuzzer via oss-fuzz.

Recommendations For Cloud Hypervisor versions 30.0 through 31.0, upgrade to version 30.1 or 31.1 to resolve the issue. For users unable to upgrade, ensure the write access to the API socket file is granted to trusted users only as a mitigation measure.