CNNVD-202507-1698 Information

CNNVD ID

CNNVD-202507-1698

Related CVE

CVE-2025-5199

• CNNVD Published: 2025-07-12

Description (Chinese)

Canonical Multipass是Canonical开源的一个Ubuntu的虚拟实例。 Canonical Multipass 1.15.1及之前版本存在安全漏洞，该漏洞源于macOS上默认权限不正确，可能导致本地攻击者提升权限。

Description (English)

Canonical Multipass is a virtual Ubuntu example of Canonical open source. There is a security loophole in Canonical Multipass 1.15.1 and previous versions, which stems from the incorrect default authority on the MacOS, which may lead to local attackers increasing their authority.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

科能软件

Published

2025-07-12

Last Modified

2026-02-24

References

https://github.com/canonical/multipass/security/advisories/GHSA-2j82-p5cq-62p3 https://github.com/canonical/multipass/pull/4115 https://access.redhat.com/security/cve/cve-2025-5199 https://nvd.nist.gov/vuln/detail/CVE-2025-5199

Patch

https://github.com/canonical/multipass/releases