CVE-2023-3180

Heap buffer overflow in virtio_crypto_sym_op_helper()

Published: 8/3/2023 Last updated: 9/25/2024 Reserved: 6/9/2023

A flaw was found in the QEMU virtual crypto device while handling data encryption/decryption requests in virtio_crypto_handle_sym_req. There is no check for the value of `src_len` and `dst_len` in virtio_crypto_sym_op_helper, potentially leading to a heap buffer overflow when the two values differ.

CNA assigner: redhat (53f830b8-0a3f-465b-8143-3b8a9948e749) Requested by: n/a

Metrics

Version | Score | Severity | Vector String
3.1     | 6.0   | Medium   | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H

Opam packages affected (2)

conf-qemu-img nbd-tool

Products affected (9)

Product                                           | Vendor  | Version
Fedora                                            | Fedora  | <= 5.10.*
Extra Packages for Enterprise Linux               | Fedora  | <= 5.10.*
Red Hat Enterprise Linux 6                        | Red Hat | < cb7a95af78d29442b8294683eca4897544b8ef46
Red Hat Enterprise Linux 7                        | Red Hat | <= 6.1.*
Red Hat Enterprise Linux 9                        | Red Hat | <= 6.1.*
Red Hat Enterprise Linux 7                        | Red Hat | 4.7
Red Hat Enterprise Linux 8 Advanced Virtualization | Red Hat | < 22.4R3-S8
Red Hat Enterprise Linux 8 Advanced Virtualization | Red Hat | < 2.6.26
Red Hat Enterprise Linux 8                        | Red Hat | <= 5.10.*
