CVE-2026-53657: CWE-276: Incorrect Default Permissions in lima-vm lima
Lima launches Linux virtual machines, typically on macOS, for running containerd. Prior to 2.1.3, on an instance of Lima running with the qemu driver, an arbitrary user in the VM could access…
Read the full articleYou might also wanna read
16-Year-Old Linux KVM Flaw Lets Guest VMs Escape to Host on Intel and AMD x86 Systems
A use-after-free bug in Linux's KVM hypervisor can be triggered from a guest virtual machine to corrupt the shadow-page state of the host ke
16-Year-Old Linux KVM Flaw Lets Guest VMs Escape to Host on Intel and AMD x86 Systems
A use-after-free bug in Linux’s KVM hypervisor can be triggered from a guest virtual machine to corrupt the shadow-page state of the host ke
Analyzing CVE-2026-31431: How Rootless Podman Containers Mitigate the "Copy Fail" Privilege Escalation
In the previous post about SELinux MCS and GitLab runners, I briefly mentioned CVE-2026-31431 (“Copy Fail”) as a motivating example for per-
15-Year-Old GhostLock Flaw Enables Root and Container Escape on Most Linux Distros
Researchers at Nebula Security have disclosed GhostLock (CVE-2026-43499), a 15-year-old Linux kernel flaw that lets any logged-in user take
OpenBSD/arm64 Now Compatible as Guest OS Under Apple Hypervisor
Following a recent series of commits by Helg Bredow (helg@) and Stefan Fritsch (sf@), OpenBSD/arm64 now works as a guest operating system un
Making io_uring pervasive in QEMU [pdf]
Article URL: Comments URL: Points: 14 # Comments: 0

Comments
Sign in to join the conversation.
No comments yet. Be the first.