vulnerability
Red Hat: CVE-2023-6693: QEMU: virtio-net: stack buffer overflow in virtio_net_flush_tx() (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:L/AC:H/Au:N/C:P/I:P/A:P) | 01/02/2024 | 05/23/2024 | 05/23/2024 |
Severity
4
CVSS
(AV:L/AC:H/Au:N/C:P/I:P/A:P)
Published
01/02/2024
Added
05/23/2024
Modified
05/23/2024
Description
A stack based buffer overflow was found in the virtio-net device of QEMU. This issue occurs when flushing TX in the virtio_net_flush_tx function if guest features VIRTIO_NET_F_HASH_REPORT, VIRTIO_F_VERSION_1 and VIRTIO_NET_F_MRG_RXBUF are enabled. This could allow a malicious user to overwrite local variables allocated on the stack. Specifically, the `out_sg` variable could be used to read a part of process memory and send it to the wire, causing an information leak.
Solution(s)
redhat-upgrade-hivexredhat-upgrade-hivex-debuginforedhat-upgrade-hivex-debugsourceredhat-upgrade-hivex-develredhat-upgrade-libguestfsredhat-upgrade-libguestfs-applianceredhat-upgrade-libguestfs-bash-completionredhat-upgrade-libguestfs-debuginforedhat-upgrade-libguestfs-debugsourceredhat-upgrade-libguestfs-develredhat-upgrade-libguestfs-gfs2redhat-upgrade-libguestfs-gobjectredhat-upgrade-libguestfs-gobject-debuginforedhat-upgrade-libguestfs-gobject-develredhat-upgrade-libguestfs-inspect-iconsredhat-upgrade-libguestfs-javaredhat-upgrade-libguestfs-java-debuginforedhat-upgrade-libguestfs-java-develredhat-upgrade-libguestfs-javadocredhat-upgrade-libguestfs-man-pages-jaredhat-upgrade-libguestfs-man-pages-ukredhat-upgrade-libguestfs-rescueredhat-upgrade-libguestfs-rsyncredhat-upgrade-libguestfs-toolsredhat-upgrade-libguestfs-tools-credhat-upgrade-libguestfs-tools-c-debuginforedhat-upgrade-libguestfs-winsupportredhat-upgrade-libguestfs-xfsredhat-upgrade-libiscsiredhat-upgrade-libiscsi-debuginforedhat-upgrade-libiscsi-debugsourceredhat-upgrade-libiscsi-develredhat-upgrade-libiscsi-utilsredhat-upgrade-libiscsi-utils-debuginforedhat-upgrade-libnbdredhat-upgrade-libnbd-bash-completionredhat-upgrade-libnbd-debuginforedhat-upgrade-libnbd-debugsourceredhat-upgrade-libnbd-develredhat-upgrade-libtpmsredhat-upgrade-libtpms-debuginforedhat-upgrade-libtpms-debugsourceredhat-upgrade-libtpms-develredhat-upgrade-libvirtredhat-upgrade-libvirt-clientredhat-upgrade-libvirt-client-debuginforedhat-upgrade-libvirt-daemonredhat-upgrade-libvirt-daemon-config-networkredhat-upgrade-libvirt-daemon-config-nwfilterredhat-upgrade-libvirt-daemon-debuginforedhat-upgrade-libvirt-daemon-driver-interfaceredhat-upgrade-libvirt-daemon-driver-interface-debuginforedhat-upgrade-libvirt-daemon-driver-networkredhat-upgrade-libvirt-daemon-driver-network-debuginforedhat-upgrade-libvirt-daemon-driver-nodedevredhat-upgrade-libvirt-daemon-driver-nodedev-debuginforedhat-upgrade-libvirt-daemon-driver-nwfilterredhat-upgrade-libvirt-daemon-driver-nwfilter-debuginforedhat-upgrade-libvirt-daemon-driver-qemuredhat-upgrade-libvirt-daemon-driver-qemu-debuginforedhat-upgrade-libvirt-daemon-driver-secretredhat-upgrade-libvirt-daemon-driver-secret-debuginforedhat-upgrade-libvirt-daemon-driver-storageredhat-upgrade-libvirt-daemon-driver-storage-coreredhat-upgrade-libvirt-daemon-driver-storage-core-debuginforedhat-upgrade-libvirt-daemon-driver-storage-diskredhat-upgrade-libvirt-daemon-driver-storage-disk-debuginforedhat-upgrade-libvirt-daemon-driver-storage-glusterredhat-upgrade-libvirt-daemon-driver-storage-gluster-debuginforedhat-upgrade-libvirt-daemon-driver-storage-iscsiredhat-upgrade-libvirt-daemon-driver-storage-iscsi-debuginforedhat-upgrade-libvirt-daemon-driver-storage-iscsi-directredhat-upgrade-libvirt-daemon-driver-storage-iscsi-direct-debuginforedhat-upgrade-libvirt-daemon-driver-storage-logicalredhat-upgrade-libvirt-daemon-driver-storage-logical-debuginforedhat-upgrade-libvirt-daemon-driver-storage-mpathredhat-upgrade-libvirt-daemon-driver-storage-mpath-debuginforedhat-upgrade-libvirt-daemon-driver-storage-rbdredhat-upgrade-libvirt-daemon-driver-storage-rbd-debuginforedhat-upgrade-libvirt-daemon-driver-storage-scsiredhat-upgrade-libvirt-daemon-driver-storage-scsi-debuginforedhat-upgrade-libvirt-daemon-kvmredhat-upgrade-libvirt-dbusredhat-upgrade-libvirt-dbus-debuginforedhat-upgrade-libvirt-dbus-debugsourceredhat-upgrade-libvirt-debuginforedhat-upgrade-libvirt-debugsourceredhat-upgrade-libvirt-develredhat-upgrade-libvirt-docsredhat-upgrade-libvirt-libsredhat-upgrade-libvirt-libs-debuginforedhat-upgrade-libvirt-lock-sanlockredhat-upgrade-libvirt-lock-sanlock-debuginforedhat-upgrade-libvirt-nssredhat-upgrade-libvirt-nss-debuginforedhat-upgrade-libvirt-python-debugsourceredhat-upgrade-libvirt-wiresharkredhat-upgrade-libvirt-wireshark-debuginforedhat-upgrade-lua-guestfsredhat-upgrade-lua-guestfs-debuginforedhat-upgrade-nbdfuseredhat-upgrade-nbdfuse-debuginforedhat-upgrade-nbdkitredhat-upgrade-nbdkit-bash-completionredhat-upgrade-nbdkit-basic-filtersredhat-upgrade-nbdkit-basic-filters-debuginforedhat-upgrade-nbdkit-basic-pluginsredhat-upgrade-nbdkit-basic-plugins-debuginforedhat-upgrade-nbdkit-curl-pluginredhat-upgrade-nbdkit-curl-plugin-debuginforedhat-upgrade-nbdkit-debuginforedhat-upgrade-nbdkit-debugsourceredhat-upgrade-nbdkit-develredhat-upgrade-nbdkit-example-pluginsredhat-upgrade-nbdkit-example-plugins-debuginforedhat-upgrade-nbdkit-gzip-filterredhat-upgrade-nbdkit-gzip-filter-debuginforedhat-upgrade-nbdkit-gzip-pluginredhat-upgrade-nbdkit-gzip-plugin-debuginforedhat-upgrade-nbdkit-linuxdisk-pluginredhat-upgrade-nbdkit-linuxdisk-plugin-debuginforedhat-upgrade-nbdkit-nbd-pluginredhat-upgrade-nbdkit-nbd-plugin-debuginforedhat-upgrade-nbdkit-python-pluginredhat-upgrade-nbdkit-python-plugin-debuginforedhat-upgrade-nbdkit-serverredhat-upgrade-nbdkit-server-debuginforedhat-upgrade-nbdkit-ssh-pluginredhat-upgrade-nbdkit-ssh-plugin-debuginforedhat-upgrade-nbdkit-tar-filterredhat-upgrade-nbdkit-tar-filter-debuginforedhat-upgrade-nbdkit-tar-pluginredhat-upgrade-nbdkit-tar-plugin-debuginforedhat-upgrade-nbdkit-tmpdisk-pluginredhat-upgrade-nbdkit-tmpdisk-plugin-debuginforedhat-upgrade-nbdkit-vddk-pluginredhat-upgrade-nbdkit-vddk-plugin-debuginforedhat-upgrade-nbdkit-xz-filterredhat-upgrade-nbdkit-xz-filter-debuginforedhat-upgrade-netcfredhat-upgrade-netcf-debuginforedhat-upgrade-netcf-debugsourceredhat-upgrade-netcf-develredhat-upgrade-netcf-libsredhat-upgrade-netcf-libs-debuginforedhat-upgrade-ocaml-hivexredhat-upgrade-ocaml-hivex-debuginforedhat-upgrade-ocaml-hivex-develredhat-upgrade-ocaml-libguestfsredhat-upgrade-ocaml-libguestfs-debuginforedhat-upgrade-ocaml-libguestfs-develredhat-upgrade-ocaml-libnbdredhat-upgrade-ocaml-libnbd-debuginforedhat-upgrade-ocaml-libnbd-develredhat-upgrade-perl-hivexredhat-upgrade-perl-hivex-debuginforedhat-upgrade-perl-sys-guestfsredhat-upgrade-perl-sys-guestfs-debuginforedhat-upgrade-perl-sys-virtredhat-upgrade-perl-sys-virt-debuginforedhat-upgrade-perl-sys-virt-debugsourceredhat-upgrade-python3-hivexredhat-upgrade-python3-hivex-debuginforedhat-upgrade-python3-libguestfsredhat-upgrade-python3-libguestfs-debuginforedhat-upgrade-python3-libnbdredhat-upgrade-python3-libnbd-debuginforedhat-upgrade-python3-libvirtredhat-upgrade-python3-libvirt-debuginforedhat-upgrade-qemu-guest-agentredhat-upgrade-qemu-guest-agent-debuginforedhat-upgrade-qemu-imgredhat-upgrade-qemu-img-debuginforedhat-upgrade-qemu-kvmredhat-upgrade-qemu-kvm-block-curlredhat-upgrade-qemu-kvm-block-curl-debuginforedhat-upgrade-qemu-kvm-block-glusterredhat-upgrade-qemu-kvm-block-gluster-debuginforedhat-upgrade-qemu-kvm-block-iscsiredhat-upgrade-qemu-kvm-block-iscsi-debuginforedhat-upgrade-qemu-kvm-block-rbdredhat-upgrade-qemu-kvm-block-rbd-debuginforedhat-upgrade-qemu-kvm-block-sshredhat-upgrade-qemu-kvm-block-ssh-debuginforedhat-upgrade-qemu-kvm-commonredhat-upgrade-qemu-kvm-common-debuginforedhat-upgrade-qemu-kvm-coreredhat-upgrade-qemu-kvm-core-debuginforedhat-upgrade-qemu-kvm-debuginforedhat-upgrade-qemu-kvm-debugsourceredhat-upgrade-qemu-kvm-docsredhat-upgrade-qemu-kvm-hw-usbredirredhat-upgrade-qemu-kvm-hw-usbredir-debuginforedhat-upgrade-qemu-kvm-testsredhat-upgrade-qemu-kvm-ui-openglredhat-upgrade-qemu-kvm-ui-opengl-debuginforedhat-upgrade-qemu-kvm-ui-spiceredhat-upgrade-qemu-kvm-ui-spice-debuginforedhat-upgrade-ruby-hivexredhat-upgrade-ruby-hivex-debuginforedhat-upgrade-ruby-libguestfsredhat-upgrade-ruby-libguestfs-debuginforedhat-upgrade-seabiosredhat-upgrade-seabios-binredhat-upgrade-seavgabios-binredhat-upgrade-sgabiosredhat-upgrade-sgabios-binredhat-upgrade-slofredhat-upgrade-superminredhat-upgrade-supermin-debuginforedhat-upgrade-supermin-debugsourceredhat-upgrade-supermin-develredhat-upgrade-swtpmredhat-upgrade-swtpm-debuginforedhat-upgrade-swtpm-debugsourceredhat-upgrade-swtpm-develredhat-upgrade-swtpm-libsredhat-upgrade-swtpm-libs-debuginforedhat-upgrade-swtpm-toolsredhat-upgrade-swtpm-tools-debuginforedhat-upgrade-swtpm-tools-pkcs11redhat-upgrade-virt-dibredhat-upgrade-virt-dib-debuginforedhat-upgrade-virt-v2vredhat-upgrade-virt-v2v-bash-completionredhat-upgrade-virt-v2v-debuginforedhat-upgrade-virt-v2v-debugsourceredhat-upgrade-virt-v2v-man-pages-jaredhat-upgrade-virt-v2v-man-pages-uk
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.