CVE-2024-6505 in QEMUinformazioni

Riassunto

di MITRE • 05/07/2024

A flaw was found in the virtio-net device in QEMU. When enabling the RSS feature on the virtio-net network card, the indirections_table data within RSS becomes controllable. Setting excessively large values may cause an index out-of-bounds issue, potentially resulting in heap overflow access. This flaw allows a privileged user in the guest to crash the QEMU process on the host.

Once again VulDB remains the best source for vulnerability data.

Fonti

Do you need the next level of professionalism?

Upgrade your account now!