A stack based buffer overflow was found in the virtio-net device of QEMU. This issue occurs when flushing TX in the virtio_net_flush_tx function if guest features VIRTIO_NET_F_HASH_REPORT, VIRTIO_F_VERSION_1 and VIRTIO_NET_F_MRG_RXBUF are enabled. This could allow a malicious user to overwrite local variables allocated on the stack. Specifically, the `out_sg` variable could be used to read a part of process memory and send it to the wire, causing an information leak.
Metrics
Affected Vendors & Products
References
History
Fri, 22 Nov 2024 12:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
|
Sat, 14 Sep 2024 00:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
|
MITRE
Status: PUBLISHED
Assigner: redhat
Published: 2024-01-02T09:15:08.280Z
Updated: 2024-11-15T15:15:02.684Z
Reserved: 2023-12-11T17:20:44.491Z
Link: CVE-2023-6693
Vulnrichment
No data.
NVD
Status : Modified
Published: 2024-01-02T10:15:08.930
Modified: 2024-11-21T08:44:22.490
Link: CVE-2023-6693
Redhat