CVE-2023-4135

CVE Details

Release Date:

2023-08-03

Description

A heap out-of-bounds memory read flaw was found in the virtual nvme device in QEMU. The QEMU process does not validate an offset provided by the guest before computing a host heap pointer, which is used for copying data back to the guest. Arbitrary heap memory relative to an allocated buffer can be disclosed.

See more information about CVE-2023-4135 from MITRE CVE dictionary and NIST NVD

CVSS Scoring

NOTE: The following CVSS v3.1 metrics and score provided are preliminary and subject to review.

Base Score:	6	CVSS Vector:	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
Attack Vector:	Local network	Attack Complexity:	Low
Privileges Required:	High	User Interaction:	None
Scope:	Changed	Confidentiality Impact:	High
Integrity Impact:	None	Availability Impact:	None

Errata information

Platform	Errata	Release Date
Oracle Linux version 8 (hivex)	ELSA-2024-12605	2024-09-02
Oracle Linux version 8 (libguestfs)	ELSA-2024-12605	2024-09-02
Oracle Linux version 8 (libguestfs-winsupport)	ELSA-2024-12605	2024-09-02
Oracle Linux version 8 (libiscsi)	ELSA-2024-12605	2024-09-02
Oracle Linux version 8 (libnbd)	ELSA-2024-12605	2024-09-02
Oracle Linux version 8 (libtpms)	ELSA-2024-12605	2024-09-02
Oracle Linux version 8 (libvirt)	ELSA-2024-12605	2024-09-02
Oracle Linux version 8 (libvirt-dbus)	ELSA-2024-12605	2024-09-02
Oracle Linux version 8 (libvirt-python)	ELSA-2024-12605	2024-09-02
Oracle Linux version 8 (nbdkit)	ELSA-2024-12605	2024-09-02
Oracle Linux version 8 (netcf)	ELSA-2024-12605	2024-09-02
Oracle Linux version 8 (perl-Sys-Virt)	ELSA-2024-12605	2024-09-02
Oracle Linux version 8 (qemu-kvm)	ELSA-2024-12605	2024-09-02
Oracle Linux version 8 (seabios)	ELSA-2024-12605	2024-09-02
Oracle Linux version 8 (sgabios)	ELSA-2024-12605	2024-09-02
Oracle Linux version 8 (supermin)	ELSA-2024-12605	2024-09-02
Oracle Linux version 8 (swtpm)	ELSA-2024-12605	2024-09-02
Oracle Linux version 8 (virt-v2v)	ELSA-2024-12605	2024-09-02