CVE-2023-3180 (qemu) | allinfosecnews.com

Aug. 3, 2023, 3:15 p.m. |

National Vulnerability Database web.nvd.nist.gov

A flaw was found in the QEMU virtual crypto device while handling data encryption/decryption requests in virtio_crypto_handle_sym_req. There is no check for the value of `src_len` and `dst_len` in virtio_crypto_sym_op_helper, potentially leading to a heap buffer overflow when the two values differ.

buffer buffer overflow check crypto cve data data encryption decryption device encryption flaw handling heap buffer overflow overflow qemu requests value virtual

More from web.nvd.nist.gov / National Vulnerability Database

CVE-2023-45955 (lightstrip_firmware) 7 months ago | web.nvd.nist.gov

attackers cve denial of service issue +1

CVE-2023-40101 (android) 7 months ago | web.nvd.nist.gov

android check collapse cve +7

CVE-2023-21377 (android) 7 months ago | web.nvd.nist.gov

android bypass cve disclosure +8

CVE-2023-21380 (android) 7 months ago | web.nvd.nist.gov

android bluetooth buffer buffer overflow +9

CVE-2023-21382 (android) 7 months ago | web.nvd.nist.gov

access android check cve +11

CVE-2023-21381 (android) 7 months ago | web.nvd.nist.gov

android arbitrary code code code execution +10

CVE-2023-21385 (android) 7 months ago | web.nvd.nist.gov

android corruption cve disclosure +7

CVE-2023-21387 (android) 7 months ago | web.nvd.nist.gov

android backup bypass cve +11

CVE-2023-21389 (android) 7 months ago | web.nvd.nist.gov

android bypass check cve +10

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland

View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City

View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL

View on infosec-jobs.com

Sr. Product Manager

@ MixMode | Remote, US

View on infosec-jobs.com

Information Systems Security Manager

@ Bank of America | USA, MD, Fort Meade (6910 Cooper Ave)

View on infosec-jobs.com

Security Engineer

@ EY | Bengaluru, KA, IN, 560048

View on infosec-jobs.com