A flaw was found in the QEMU virtual crypto device while handling data encryption/decryption requests in `virtio_crypto_handle_sym_req`. The values of `src_len` and `dst_len` are not checked in `virtio_crypto_sym_op_helper`, potentially leading to a heap buffer overflow when the two values differ.

Version | Score | Severity | Vector String |
---|---|---|---|
3.1 | 6 | Medium | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H |

Product | Vendor | Version |
---|---|---|
Extra Packages for Enterprise Linux | Fedora | Windows 10 Version 1809 for x64-based Systems |
Fedora | Fedora | < 2.5.0 |
Red Hat Enterprise Linux 9 | Red Hat | < 5.12.5 |
Red Hat Enterprise Linux 6 | Red Hat | <= 12.2.13 |
Red Hat Enterprise Linux 7 | Red Hat | Windows 10 Version 1607 for 32-bit Systems |
Red Hat Enterprise Linux 8 Advanced Virtualization | Red Hat | Windows 10 Version 1803 for ARM64-based Systems |
Red Hat Enterprise Linux 8 | Red Hat | Windows 10 Version 1709 for x64-based Systems |
qemu | n/a | <= 2.4.4-p2 |
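
The missing length check described in the summary, shown as an added example in a simplified model; this is not QEMU's code. The names `sym_op`, `sym_op_create`, `sym_op_process` and `SYM_OP_MAX_LEN`, the single-allocation layout and the XOR stand-in cipher are all assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define SYM_OP_MAX_LEN (1u << 20)   /* assumed per-request cap */

/* Hypothetical request: source bytes and destination bytes share one
 * heap allocation, with dst placed directly after src. */
struct sym_op {
    uint32_t src_len, dst_len;
    uint8_t *src, *dst;
    uint8_t data[];
};

/* Build a request from guest-supplied lengths; NULL means rejected. */
struct sym_op *sym_op_create(const uint8_t *in, uint32_t src_len,
                             uint32_t dst_len)
{
    /* The check the advisory says was absent: the cipher below emits
     * src_len bytes, so a differing dst_len would let it write past
     * (or leave uninitialised) the dst region of the heap buffer. */
    if (src_len != dst_len)
        return NULL;
    if (src_len > SYM_OP_MAX_LEN)   /* also bounds the size arithmetic */
        return NULL;

    struct sym_op *op = calloc(1, sizeof(*op) + (size_t)src_len + dst_len);
    if (!op)
        return NULL;
    op->src_len = src_len;
    op->dst_len = dst_len;
    op->src = op->data;
    op->dst = op->data + src_len;
    memcpy(op->src, in, src_len);
    return op;
}

/* Stand-in cipher: writes exactly src_len bytes into dst. */
int sym_op_process(struct sym_op *op, uint8_t key)
{
    for (uint32_t i = 0; i < op->src_len; i++)
        op->dst[i] = op->src[i] ^ key;
    return (int)op->src_len;
}

int main(void)
{
    const uint8_t in[4] = {1, 2, 3, 4};   /* constructed sample input */
    printf("mismatched lengths rejected: %d\n", sym_op_create(in, 4, 2) == NULL);
    return 0;
}
```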