A heap out-of-bounds memory read... CVE-2023-4135

- AV AC AU C I A
发布: 2023-08-04
修订: 2023-12-11

A heap out-of-bounds memory read flaw was found in the virtual nvme device in QEMU. The QEMU process does not validate an offset provided by the guest before computing a host heap pointer, which is used for copying data back to the guest. Arbitrary heap memory relative to an allocated buffer can be disclosed.

0%
暂无可用Exp或PoC
当前有6条受影响产品信息