Description
An issue was discovered in Canonical Multipass for macOS before version 1.16.3 due to an incomplete fix for CVE-2025-5199. While the patch in version 1.16.0 updated the ownership of the multipassd daemon binary to root:wheel, five co-located binaries (multipass, qemu-img, qemu-system-aarch64, qemu-system-x86_64, and sshfs_server) in /Library/Application Support/com.canonical.multipass/bin/ retain ownership by the installing user and remain writable. Because the root LaunchDaemon (com.canonical.multipassd.plist) configures a PATH environment variable that prioritizes this user-writable directory and invokes these auxiliary binaries by their bare names, a local attacker can replace an auxiliary binary (such as qemu-img) with a malicious wrapper. When the root daemon subsequently triggers the binary during routine execution (e.g., via multipass launch), the malicious code executes with root privileges, leading to local privilege escalation.
Published: 2026-05-28
Score: 7.8 High
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

An incomplete fix for a previous vulnerability left five auxiliary binaries, such as qemu-img and sshfs_server, writable by the user who installed Canonical Multipass on macOS. These binaries are invoked by the root-privileged Multipass daemon through a PATH variable that prioritizes the user-writable directory. A local attacker can replace one of these binaries with a malicious wrapper that the daemon will execute with root privileges, achieving privilege escalation. The weakness is classified as CWE-276 (Incorrect Default Permissions).

Affected Systems

Canonical's Multipass for macOS, versions earlier than 1.16.3. Systems that installed the product from the default installer and did not apply the 1.16.3 update are affected. The vulnerability specifically involves binaries located in /Library/Application Support/com.canonical.multipass/bin/, including multipass, qemu-img, qemu-system-aarch64, qemu-system-x86_64, and sshfs_server.

Risk and Exploitability

The CVSS score of 7.8 indicates a high-severity vulnerability. No EPSS score is available, but the attack vector is local, requiring a user with administrative access to the machine to trigger the exploit. Since the issue is not listed in the CISA KEV catalog, there is no confirmed public exploitation yet, but the combination of root-level execution and user-writable binaries makes it a serious local risk.

Generated by OpenCVE AI on May 28, 2026 at 15:36 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Canonical Multipass to version 1.16.3 or later, which sets proper ownership for all auxiliary binaries.
  • Confirm that the multipassd daemon binary is owned by root:wheel and that no other binaries in /Library/Application Support/com.canonical.multipass/bin/ are writable by non‑root users.
  • Remove or override the PATH setting in the root LaunchDaemon that prioritizes the user-writable directory, or relocate the binaries to a secure system location where only root can write.
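The following audit script is an added example, not OpenCVE's or Canonical's code. It checks the two conditions the advisory describes for a directory of helper binaries that a root daemon executes: entries not owned by root, and entries (or the directory itself) writable by group or other. It also tests whether that directory precedes /usr/bin and /bin in a PATH string, which is what lets a same-name file shadow a system binary. The directory path and binary names come from the advisory; the daemon's actual PATH value is not on the page, so the PATH string passed in the demo is assumed, and the files the demo creates under a temporary directory are constructed.

```shell
#!/bin/sh
# Added defender-side audit example (not OpenCVE's or Canonical's code).
# Run `sh audit.sh demo` to exercise it on a constructed temporary directory;
# on a real host, call audit_bin_dir with
# "/Library/Application Support/com.canonical.multipass/bin".

# Print "mode owner" for a path, parsed from `ls -ld` because stat(1) flags
# differ between macOS and Linux. Fields 1 and 3 are unaffected by spaces
# in the file name, which sits at the end of the line.
perms_and_owner() {
    set -- $(ls -ld "$1")
    echo "$1 $3"
}

# Return 0 if the mode string has the group or other write bit set.
# Column 6 is group write, column 9 is other write; the trailing * tolerates
# the '@' or '+' suffix macOS appends for extended attributes or ACLs.
mode_is_go_writable() {
    case "$1" in
        ?????w*|????????w*) return 0 ;;
        *) return 1 ;;
    esac
}

# Print one line per weak entry: "WEAK <path> <mode> <owner> <reasons>".
# The directory itself is checked first: a writable directory lets a local
# user swap a file even when every file inside it is root-owned.
audit_bin_dir() {
    dir=$1
    for f in "$dir" "$dir"/*; do
        [ -e "$f" ] || continue
        set -- $(perms_and_owner "$f")
        mode=$1 owner=$2 reasons=""
        [ "$owner" = root ] || reasons="not-root-owned"
        if mode_is_go_writable "$mode"; then
            reasons="${reasons:+$reasons,}group-or-other-writable"
        fi
        [ -n "$reasons" ] && echo "WEAK $f $mode $owner $reasons"
    done
    return 0
}

# Number of weak entries, for use in scripts.
count_weak() {
    audit_bin_dir "$1" | wc -l | tr -d ' '
}

# Return 0 if DIR appears in the colon-separated PATH string before
# /usr/bin or /bin, i.e. a same-name file in DIR would shadow the system one.
dir_shadows_system_path() {
    pathstr=$1 dir=$2
    oldifs=$IFS; IFS=:
    for entry in $pathstr; do
        case "$entry" in
            "$dir") IFS=$oldifs; return 0 ;;
            /usr/bin|/bin) IFS=$oldifs; return 1 ;;
        esac
    done
    IFS=$oldifs
    return 1
}

# Constructed demo: three stand-in binaries with different modes. Which of
# them are reported as not-root-owned depends on the user running the demo.
demo() {
    tmp=$(mktemp -d)
    mkdir "$tmp/bin"; chmod 755 "$tmp/bin"
    for name in multipass qemu-img sshfs_server; do
        printf '#!/bin/sh\n' > "$tmp/bin/$name"
    done
    chmod 755 "$tmp/bin/multipass"      # sane mode
    chmod 775 "$tmp/bin/qemu-img"       # group-writable
    chmod 777 "$tmp/bin/sshfs_server"   # world-writable
    audit_bin_dir "$tmp/bin"
    # Assumed PATH layout mirroring the advisory: the helper dir comes first.
    if dir_shadows_system_path "$tmp/bin:/usr/bin:/bin" "$tmp/bin"; then
        echo "PATH lets $tmp/bin shadow system binaries"
    fi
    rm -rf "$tmp"
}

if [ "${1:-}" = demo ]; then
    demo
fi
```

On macOS the daemon's environment can be read from the LaunchDaemon plist with `plutil -p` (the plist is assumed to live in /Library/LaunchDaemons; the page names only the file) and the resulting PATH string passed to dir_shadows_system_path. Any entry the audit flags should be brought to root:wheel ownership with group and other write bits cleared, which is the ownership the 1.16.0 patch already applied to multipassd.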



Advisories

No advisories yet.

History

Thu, 28 May 2026 17:00:00 +0000

Type                | Values Removed | Values Added
First Time appeared |                | Canonical; Canonical multipass
Vendors & Products  |                | Canonical; Canonical multipass

Thu, 28 May 2026 16:30:00 +0000

Type    | Values Removed | Values Added
Metrics |                | ssvc: {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Thu, 28 May 2026 14:15:00 +0000

Type        | Values Removed | Values Added
Description |                | An issue was discovered in Canonical Multipass for macOS before version 1.16.3 due to an incomplete fix for CVE-2025-5199. While the patch in version 1.16.0 updated the ownership of the multipassd daemon binary to root:wheel, five co-located binaries (multipass, qemu-img, qemu-system-aarch64, qemu-system-x86_64, and sshfs_server) in /Library/Application Support/com.canonical.multipass/bin/ retain ownership by the installing user and remain writable. Because the root LaunchDaemon (com.canonical.multipassd.plist) configures a PATH environment variable that prioritizes this user-writable directory and invokes these auxiliary binaries by their bare names, a local attacker can replace an auxiliary binary (such as qemu-img) with a malicious wrapper. When the root daemon subsequently triggers the binary during routine execution (e.g., via multipass launch), the malicious code executes with root privileges, leading to local privilege escalation.
Title       |                | Local Privilege Escalation in Canonical Multipass
Weaknesses  |                | CWE-276
References  |                |
Metrics     |                | cvssV3_1: {'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}


Subscriptions

Canonical Multipass
MITRE

Status: PUBLISHED

Assigner: canonical

Published:

Updated: 2026-05-28T15:15:27.077Z

Reserved: 2026-05-28T12:03:02.295Z

Link: CVE-2026-49237

Vulnrichment

Updated: 2026-05-28T15:15:23.629Z

NVD

Status: Received

Published: 2026-05-28T14:16:24.270

Modified: 2026-05-28T14:16:24.270

Link: CVE-2026-49237

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-28T16:45:20Z

Weaknesses