### [CVE-2021-32847](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32847)
![](https://img.shields.io/static/v1?label=Product&message=hyperkit&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=0.20210107%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-125%20Out-of-bounds%20Read&color=brightgreen)

### Description

HyperKit is a toolkit for embedding hypervisor capabilities in an application. In versions 0.20210107 and prior, a malicious guest can trigger a vulnerability in the host by abusing the disk driver that may lead to the disclosure of the host memory into the virtualized guest. This issue is fixed in commit cf60095a4d8c3cb2e182a14415467afd356e982f.

### POC

#### Reference
- https://securitylab.github.com/advisories/GHSL-2021-058-moby-hyperkit/

#### Github
No PoCs found on GitHub currently.