A vulnerability was found in vhost_new_msg in drivers/vhost/vhost.c in the Linux kernel, which does not properly initialize memory in messages passed between virtual guests and the host operating system in the vhost/vhost.c:vhost_new_msg() function. This issue can allow local privileged users to read some kernel memory contents when reading from the /dev/vhost-net device file.
Metrics
Affected Vendors & Products
References
History
Sat, 14 Sep 2024 00:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
|
MITRE
Status: PUBLISHED
Assigner: redhat
Published: 2024-01-09T17:36:11.578Z
Updated: 2024-09-13T23:36:41.654Z
Reserved: 2024-01-09T12:08:22.012Z
Link: CVE-2024-0340
Vulnrichment
No data.
NVD
Status : Modified
Published: 2024-01-09T18:15:47.503
Modified: 2024-09-14T00:15:14.997
Link: CVE-2024-0340
Redhat