CVE-2026-27211

Name of the Vulnerable Software and Affected Versions Cloud Hypervisor versions 34.0 through 50.0

Description Cloud Hypervisor, a Virtual Machine Monitor for Cloud workloads, has an issue where a malicious guest can potentially access sensitive host files. This occurs when using virtio-block devices with raw images. The guest can modify its disk header to include a crafted QCOW2 structure that points to a sensitive file on the host system. When the VM boots or a disk scan occurs, the image format detection process can then serve the contents of the host file to the guest. A guest-initiated reboot is enough to trigger the disk scan. Exploitation requires the backing image to be writable by the guest or sourced from an untrusted location.

Recommendations Versions prior to 50.1 should be updated. Enable land lock sandboxing. Restrict process privileges and access.