A stack based buffer overflow was found in the virtio-net device of QEMU. This issue occurs when flushing TX in the virtio_net_flush_tx function if guest features VIRTIO_NET_F_HASH_REPORT, VIRTIO_F_VERSION_1 and VIRTIO_NET_F_MRG_RXBUF are enabled. This could allow a malicious user to overwrite local variables allocated on the stack. Specifically, the `out_sg` variable could be used to read a part of process memory and send it to the wire, causing an information leak.
cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2024-01-02T09:15:08.280Z

Updated: 2024-11-15T15:15:02.684Z

Reserved: 2023-12-11T17:20:44.491Z

Link: CVE-2023-6693

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2024-01-02T10:15:08.930

Modified: 2024-11-21T08:44:22.490

Link: CVE-2023-6693

cve-icon Redhat

Severity : Moderate

Publid Date: 2024-01-02T00:00:00Z

Links: CVE-2023-6693 - Bugzilla