Out-of-bounds read information disclosure vulnerability
CVE-2023-4135

6.5MEDIUM

Key Information:

Vendor: Red Hat
Status: qemu-kvm; Red Hat Enterprise Linux 6; Red Hat Enterprise Linux 7; Red Hat Enterprise Linux 8
Vendor: CVE Published:; 4 August 2023

Summary

A heap out-of-bounds memory read flaw was found in the virtual nvme device in QEMU. The QEMU process does not validate an offset provided by the guest before computing a host heap pointer, which is used for copying data back to the guest. Arbitrary heap memory relative to an allocated buffer can be disclosed.

Affected Version(s)

qemu-kvm 8.1.0

References

https://access.redhat.com/security/cve/CVE-2023-4135

vdb-entryx_refsource_REDHAT

https://bugzilla.redhat.com/show_bug.cgi?id=2229101

issue-trackingx_refsource_REDHAT

https://www.zerodayinitiative.com/advisories/ZDI-CAN-21521

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Changed

Timeline

Vulnerability published
Aug 4, 2023
Vulnerability Reserved
Aug 3, 2023

Collectors

NVD DatabaseMitre Database

Credit

Red Hat would like to thank Trend Micro Zero Day Initiative for reporting this issue.