CVE-2024-0340

A vulnerability was found in vhostnewmsg in drivers/vhost/vhost.c in the Linux kernel, which does not properly initialize memory in messages passed between virtual guests and the host operating system in the vhost/vhost.c:vhostnewmsg function. This issue can allow local privileged users to read...

CVE-2024-0340

CVE-2024-0340 is confirmed in the Linux kernel, affecting the vhost_new_msg path in drivers/vhost/vhost.c. The issue arises from memory not being properly initialized when building messages exchanged between virtual guests and the host via /dev/vhost-net, enabling local privileged users to read k...

Denial Of Service (DoS)

kernel is vulnerable to denial of service DoS.Lack of validation in getrawsocket in drivers/vhost/net.c of an skfamily field allows to attacker perform ioctl2 calls on the '/dev/vhost-net' device may use this flaw to crash the kernel...

CVE-2018-1118

The Linux kernel does not properly initialize memory in messages passed between virtual guests and the host operating system in the vhost/vhost.c:vhostnewmsg function. This can allow local privileged users to read some kernel memory contents when reading from the /dev/vhost-net device file...