A flaw was found in QEMU, in the virtio-scsi, virtio-blk, and virtio-crypto devices. The size for virtqueue_push as set in virtio_scsi_complete_req / virtio_blk_req_complete / virito_crypto_req_complete could be larger than the true size of the data which has been sent to guest. Once virtqueue_push() finally calls dma_memory_unmap to ummap the in_iov, it may call the address_space_write function to write back the data. Some uninitialized data may exist in the bounce.buffer, leading to an information leak.
Metrics
Affected Vendors & Products
References
History
Fri, 22 Nov 2024 12:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
|
Fri, 20 Sep 2024 18:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Fri, 20 Sep 2024 18:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | No description is available for this CVE. | A flaw was found in QEMU, in the virtio-scsi, virtio-blk, and virtio-crypto devices. The size for virtqueue_push as set in virtio_scsi_complete_req / virtio_blk_req_complete / virito_crypto_req_complete could be larger than the true size of the data which has been sent to guest. Once virtqueue_push() finally calls dma_memory_unmap to ummap the in_iov, it may call the address_space_write function to write back the data. Some uninitialized data may exist in the bounce.buffer, leading to an information leak. |
Title | qemu-kvm: information leak in virtio devices | Qemu-kvm: information leak in virtio devices |
First Time appeared |
Redhat
Redhat advanced Virtualization Redhat enterprise Linux |
|
CPEs | cpe:/a:redhat:advanced_virtualization:8::el8 cpe:/o:redhat:enterprise_linux:6 cpe:/o:redhat:enterprise_linux:7 cpe:/o:redhat:enterprise_linux:8 cpe:/o:redhat:enterprise_linux:9 |
|
Vendors & Products |
Redhat
Redhat advanced Virtualization Redhat enterprise Linux |
|
References |
|
Fri, 20 Sep 2024 15:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | No description is available for this CVE. | |
Title | qemu-kvm: information leak in virtio devices | |
Weaknesses | CWE-200 | |
References |
| |
Metrics |
threat_severity
|
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: redhat
Published: 2024-09-20T17:50:21.635Z
Updated: 2024-11-13T14:27:04.928Z
Reserved: 2024-09-09T16:25:22.769Z
Link: CVE-2024-8612
Vulnrichment
Updated: 2024-11-08T15:02:52.687Z
NVD
Status : Awaiting Analysis
Published: 2024-09-20T18:15:04.743
Modified: 2024-11-21T09:53:26.790
Link: CVE-2024-8612
Redhat