
We found results for “”
CVE-2021-32845
Date: February 16, 2023
HyperKit is a toolkit for embedding hypervisor capabilities in an application. In versions 0.20210107 and prior of HyperKit, the implementation of "qnotify" at "pci_vtrnd_notify" fails to check the return value of "vq_getchain". This leads to "struct iovec iov;" being uninitialized and used to read memory in "len = (int) read(sc->vrsc_fd, iov.iov_base, iov.iov_len);" when an attacker is able to make "vq_getchain" fail. This issue may lead to a guest crashing the host causing a denial of service and, under certain circumstance, memory corruption. This issue is fixed in commit 41272a980197917df8e58ff90642d14dec8fe948.
Language: C
Severity Score
Related Resources (5)
Severity Score
CVSS v3.1
Base Score: |
|
---|---|
Attack Vector (AV): | LOCAL |
Attack Complexity (AC): | LOW |
Privileges Required (PR): | NONE |
User Interaction (UI): | NONE |
Scope (S): | UNCHANGED |
Confidentiality (C): | NONE |
Integrity (I): | HIGH |
Availability (A): | HIGH |