Commit de421cab authored Aug 14, 2023 by Archana Polampalli Committed by Steve Sakoman Aug 14, 2023

qemu: fix CVE-2023-3180

A flaw was found in the QEMU virtual crypto device while handling data
encryption/decryption requests in virtio_crypto_handle_sym_req.
There is no check for the value of `src_len` and `dst_len` in
virtio_crypto_sym_op_helper, potentially leading to a heap buffer
overflow when the two values differ.

References:
https://nvd.nist.gov/vuln/detail/CVE-2023-3180

Upstream patches:
https://gitlab.com/qemu-project/qemu/-/commit/49f1e02bac166821c712534aaa775f50e1afe17f



Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>

parent 71d0683d

Hide whitespace changes

Inline Side-by-side

Please register or to comment