A bug in QEMU could cause a guest I/O operation otherwise addressed to an arbitrary disk offset to be targeted to offset 0 instead (potentially overwriting the VM's boot code). This could be used, for example, by L2 guests with a virtual disk (vdiskL2) stored on a virtual disk of an L1 (vdiskL1) hypervisor to read and/or write data to LBA 0 of vdiskL1, potentially gaining control of L1 at its next reboot.
Metrics
Affected Vendors & Products
References
History
Fri, 22 Nov 2024 12:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
|
Fri, 13 Sep 2024 19:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
|
MITRE
Status: PUBLISHED
Assigner: redhat
Published: 2023-11-03T13:58:50.085Z
Updated: 2024-11-15T16:33:27.071Z
Reserved: 2023-09-20T14:21:47.295Z
Link: CVE-2023-5088
Vulnrichment
No data.
NVD
Status : Modified
Published: 2023-11-03T14:15:08.560
Modified: 2024-11-21T08:41:02.500
Link: CVE-2023-5088
Redhat