Lucene search
GoogleOSV:CVE-2023-6693HistoryJan 02, 2024 - 10:15 a.m.
CVE-2023-6693
2024-01-0210:15:08
Google
osv.dev
7
qemu
virtio-net
buffer overflow
information leak
security issue
A stack based buffer overflow was found in the virtio-net device of QEMU. This issue occurs when flushing TX in the virtio_net_flush_tx function if guest features VIRTIO_NET_F_HASH_REPORT, VIRTIO_F_VERSION_1 and VIRTIO_NET_F_MRG_RXBUF are enabled. This could allow a malicious user to overwrite local variables allocated on the stack. Specifically, the out_sg variable could be used to read a part of process memory and send it to the wire, causing an information leak.
Related
nessus
nessus
Fedora 39 : qemu (2024-c601293124)
2024-02-19 00:00:00
Oracle Linux 8 : virt:kvm_utils3 (ELSA-2024-12276)
2024-04-10 00:00:00
veracode
veracode
Out-of-bounds Write
2024-01-13 09:20:32
prion
prion
Stack overflow
2024-01-02 10:15:00
ubuntucve
ubuntucve
CVE-2023-6693
2024-01-02 00:00:00
cvelist
cvelist
Qemu: virtio-net: stack buffer overflow in virtio_net_flush_tx()
2024-01-02 09:15:08
alpinelinux
alpinelinux
CVE-2023-6693
2024-01-02 10:15:08
redhatcve
redhatcve
CVE-2023-6693
2024-01-02 09:14:48
debiancve
debiancve
CVE-2023-6693
2024-01-02 10:15:08
fedora
fedora
[SECURITY] Fedora 39 Update: qemu-8.1.3-3.fc39
2024-02-20 01:40:36
cve
cve
CVE-2023-6693
2024-01-02 10:15:08
openvas
openvas
Fedora: Security Advisory for qemu (FEDORA-2024-c601293124)
2024-02-20 00:00:00
Huawei EulerOS: Security Advisory for qemu (EulerOS-SA-2024-1643)
2024-05-15 00:00:00
Huawei EulerOS: Security Advisory for qemu (EulerOS-SA-2024-1624)
2024-05-15 00:00:00
oraclelinux
oraclelinux
virt:kvm_utils3 security update
2024-04-10 00:00:00