Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!Close

CVE-2023-4135

Published: 4 August 2023

A heap out-of-bounds memory read flaw was found in the virtual nvme device in QEMU. The QEMU process does not validate an offset provided by the guest before computing a host heap pointer, which is used for copying data back to the guest. Arbitrary heap memory relative to an allocated buffer can be disclosed.

Notes

AuthorNote
mdeslaur
introduced in 8.0.0-rc0 by
https://gitlab.com/qemu-project/qemu/-/commit/73064edfb864743cde2c08f319609344af02aeb3

Priority

Medium

Cvss 3 Severity Score

6.5

Score breakdown

Status

Package Release Status
qemu
Launchpad, Ubuntu, Debian
upstream Needs triage

bionic Not vulnerable
(code not present)
focal Not vulnerable
(code not present)
jammy Not vulnerable
(code not present)
lunar Not vulnerable
(code not present)
trusty Not vulnerable
(code not present)
xenial Not vulnerable
(code not present)
mantic Needed

Patches:
upstream: https://gitlab.com/qemu-project/qemu/-/commit/ecb1b7b082d3b7dceff0e486a114502fc52c0fdf

Severity score breakdown

Parameter Value
Base score 6.5
Attack vector Local
Attack complexity Low
Privileges required Low
User interaction None
Scope Changed
Confidentiality High
Integrity impact None
Availability impact None
Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N