Lucene search

K
prionPRIOn knowledge basePRION:CVE-2023-3180
HistoryAug 03, 2023 - 3:15 p.m.

Heap overflow

2023-08-0315:15:00
PRIOn knowledge base
www.prio-n.com
7
qemu
virtual crypto device
data encryption
data decryption
buffer overflow
heap overflow
virtio_crypto_handle_sym_req
virtio_crypto_sym_op_helper

AI Score

6.3

Confidence

High

EPSS

0

Percentile

5.1%

A flaw was found in the QEMU virtual crypto device while handling data encryption/decryption requests in virtio_crypto_handle_sym_req. There is no check for the value of src_len and dst_len in virtio_crypto_sym_op_helper, potentially leading to a heap buffer overflow when the two values differ.

CPENameOperatorVersion
debian_linuxeq10.0
fedoraeq38