Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2023-41051

Опубликовано: 01 сент. 2023
Источник: nvd
CVSS3: 2.5
CVSS3: 4.7
EPSS Низкий

Описание

In a typical Virtual Machine Monitor (VMM) there are several components, such as boot loader, virtual device drivers, virtio backend drivers and vhost drivers, that need to access the VM physical memory. The vm-memory rust crate provides a set of traits to decouple VM memory consumers from VM memory providers. An issue was discovered in the default implementations of the VolatileMemory::{get_atomic_ref, aligned_as_ref, aligned_as_mut, get_ref, get_array_ref} trait functions, which allows out-of-bounds memory access if the VolatileMemory::get_slice function returns a VolatileSlice whose length is less than the function’s count argument. No implementations of get_slice provided in vm_memory are affected. Users of custom VolatileMemory implementations may be impacted if the custom implementation does not adhere to get_slice's documentation. The issue started in version 0.1.0 but was fixed in version 0.12.2 by inserting a check that verifies that the VolatileSlice retur

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:a:vm-memory_project:vm-memory:*:*:*:*:*:rust:*:*
Версия от 0.1.0 (включая) до 0.12.2 (исключая)

EPSS

Процентиль: 4%
0.00018
Низкий

2.5 Low

CVSS3

4.7 Medium

CVSS3

Дефекты

CWE-125
CWE-125

Связанные уязвимости

ubuntu логотип

CVE-2023-41051

CVSS3: 2.5
ubuntu
больше 2 лет назад

In a typical Virtual Machine Monitor (VMM) there are several components, such as boot loader, virtual device drivers, virtio backend drivers and vhost drivers, that need to access the VM physical memory. The vm-memory rust crate provides a set of traits to decouple VM memory consumers from VM memory providers. An issue was discovered in the default implementations of the `VolatileMemory::{get_atomic_ref, aligned_as_ref, aligned_as_mut, get_ref, get_array_ref}` trait functions, which allows out-of-bounds memory access if the `VolatileMemory::get_slice` function returns a `VolatileSlice` whose length is less than the function’s `count` argument. No implementations of `get_slice` provided in `vm_memory` are affected. Users of custom `VolatileMemory` implementations may be impacted if the custom implementation does not adhere to `get_slice`'s documentation. The issue started in version 0.1.0 but was fixed in version 0.12.2 by inserting a check that verifies that the `VolatileSlice` re...

msrc логотип

CVE-2023-41051

CVSS3: 4.7
msrc
больше 2 лет назад

Описание отсутствует

debian логотип

CVE-2023-41051

CVSS3: 2.5
debian
больше 2 лет назад

In a typical Virtual Machine Monitor (VMM) there are several component ...

github логотип

GHSA-49hh-fprx-m68g

CVSS3: 2.5
github
больше 2 лет назад

Default functions in VolatileMemory trait lack bounds checks, potentially leading to out-of-bounds memory accesses

EPSS

Процентиль: 4%
0.00018
Низкий

2.5 Low

CVSS3

4.7 Medium

CVSS3

Дефекты

CWE-125
CWE-125