icon

We found results for “

CVE-2021-32845

Date: February 16, 2023

HyperKit is a toolkit for embedding hypervisor capabilities in an application. In versions 0.20210107 and prior of HyperKit, the implementation of "qnotify" at "pci_vtrnd_notify" fails to check the return value of "vq_getchain". This leads to "struct iovec iov;" being uninitialized and used to read memory in "len = (int) read(sc->vrsc_fd, iov.iov_base, iov.iov_len);" when an attacker is able to make "vq_getchain" fail. This issue may lead to a guest crashing the host causing a denial of service and, under certain circumstance, memory corruption. This issue is fixed in commit 41272a980197917df8e58ff90642d14dec8fe948.

Language: C

Severity Score

Severity Score

Weakness Type (CWE)

Unchecked Return Value

CWE-252

Use of Uninitialized Resource

CWE-908

CVSS v3.1

Base Score:
Attack Vector (AV): LOCAL
Attack Complexity (AC): LOW
Privileges Required (PR): NONE
User Interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality (C): NONE
Integrity (I): HIGH
Availability (A): HIGH

Do you need more information?

Contact Us