Cisco Blogs

Vulnerability Spotlight: Joyent SmartOS

December 13, 2016 - 1 Comment

Vulnerability discovered by Tyler Bohan


Talos is disclosing a series of vulnerabilities in Joyent SmartOS, specifically in the Hyprlofs filesystem. SmartOS is an open source hypervisor that is based on a branch of Opensolaris. Hyperlofs is a SmartOS in-memory filesystem that allows users to map files from various different locations under a single namespace.  Additionally, hyperlofs allows the creation of new virtual file systems quickly and easily. There are three core vulnerabilities that are being disclosed. However, since they are found in both the 32 and 64-bit versions there are a total of six CVE related to six Talos reports. For all of the vulnerabilities discussed an attacker would need the PRIV_HYPRLOFS_CONTROL privilege in order for them to be exploitable.



In an effort to keep conversations fresh, Cisco Blogs closes comments after 60 days. Please visit the Cisco Blogs hub page for the latest content.


  1. keep up the proactive efforts.