Medium4.2Red Hat Linux Updated
symlink following in WriteToCachedFile allows host file overwrite from virt-launcher
CVE-2026-13218 Published Jun 25, 2026Updated by vendor Jun 25, 2026
Affected products & platforms
Red Hat LinuxUnclassified
Summary
symlink following in WriteToCachedFile allows host file overwrite from virt-launcher. Red Hat rates this moderate (CVSS 4.2). Weakness: CWE-61.
Mitigation checklist
Recommended fix / mitigation
- Ensure virtual machines use the default masquerade network binding mode where possible. Restrict pods/exec access on virt-launcher pods to only trusted administrators. Review and restrict NetworkAttachmentDefinition resources to limit which namespaces can configure bridge-type network interfaces.
Official advisory · high-confidence parse· fetched 7 hours ago·verify at source
Discussion(0)
No comments yet. Share field notes, upgrade gotchas, or questions — verify against the vendor advisory before acting on community advice.
Sign in to join the discussion.