CVE-2026-49238

8.4 HIGH

An issue was discovered in Canonical Multipass before version 1.16.3

Published: 2026-05-28 · Last updated: 2026-06-01

Severity and scoring

CVSS: 8.4 HIGH
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N
CWE: CWE-22

Affected products

Vendor	Product
canonical	multipass

Description

An issue was discovered in Canonical Multipass before version 1.16.3. The host-side SFTP server component (sshfs_server), which executes with root privileges on the host, contains a path containment bypass vulnerability within its validate_path function in src/sshfs_mount/sftp_server.cpp. The function performs a plain string prefix comparison on requested paths without path separator validation or dot-dot (..) normalization. A local attacker with root privileges inside a guest virtual machine can bypass the FUSE layer by injecting raw SFTP frames (such as an SSH_FXP_OPEN request) directly into the sshfs_server process stdin/stdout pipes via procfs. By supplying a path containing directory traversal sequences that match the allowed mount prefix, the attacker can force the host-side root process to resolve the traversal and open files outside the designated mount boundary. This allows a guest-side user to read arbitrary files on the host filesystem, resulting in a virtual machine escape.

Source: NVD

References

[NVD]https://nvd.nist.gov/vuln/detail/CVE-2026-49238
[Exploit reference]https://github.com/canonical/multipass/security/advisories/GHSA-rhp2-23c4-r34w
[Exploit reference]https://github.com/canonical/multipass/security/advisories/GHSA-rhp2-23c4-r34w

Related CVEs

Same vendor

CVE-2026-47337 — Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches with a possible NULL pointer dereference in the handling of AF_INET/AF_INET6 socket ... (3.3 LOW)
CVE-2026-47336 — Ubuntu Linux 6.8 contains SAUCE patches with a possible use of an uninitialized variable in AppArmor AF_INET/AF_INET6 socket mediation code (3.3 LOW)
CVE-2026-47335 — Ubuntu Linux 6.8 contains SAUCE patches with a possible NULL pointer dereference in the handling of AppArmor notifications (5.5 MEDIUM)
CVE-2026-47334 — Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which incorrectly sleep while holding a spinlock in notification handling code (5.5 MEDIUM)
CVE-2026-47333 — Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which can potentially incorrectly compute the size of an internal buffer, l... (7.8 HIGH)

Same CWE

CVE-2026-48777 — FileBrowser Quantum is a free, self-hosted, web-based file manager
CVE-2026-8442 — The WP Review Slider Pro plugin for WordPress is vulnerable to Arbitrary File Deletion in versions up to and including 12.6.8 (8.1 HIGH)
CVE-2026-49766 — Subscriber Arbitrary File Deletion in WP User Manager <= 2.9.16 versions (9.9 CRITICAL)
CVE-2026-49061 — Unauthenticated Arbitrary File Download in WPC Product Options for WooCommerce <= 3.2.1 versions (7.5 HIGH)
CVE-2026-40779 — Contributor Arbitrary File Deletion in Link Library <= 7.8.8 versions (7.7 HIGH)