A bug in QEMU could cause a guest I/O operation otherwise addressed to an arbitrary disk offset to be targeted to offset 0 instead (potentially overwriting the VM's boot code). This could be used, for example, by L2 guests with a virtual disk (vdiskL2) stored on a virtual disk of an L1 (vdiskL1) hypervisor to read and/or write data to LBA 0 of vdiskL1, potentially gaining control of L1 at its next reboot.
History
cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2023-11-03T13:58:50.085Z

Updated: 2024-11-15T16:33:27.071Z

Reserved: 2023-09-20T14:21:47.295Z

Link: CVE-2023-5088

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2023-11-03T14:15:08.560

Modified: 2024-11-21T08:41:02.500

Link: CVE-2023-5088

cve-icon Redhat

Severity : Moderate

Publid Date: 2023-09-21T00:00:00Z

Links: CVE-2023-5088 - Bugzilla