CVE-2021-32845
HIGHHyperKit <0.20210107 - DoS
Title source: llmDescription
HyperKit is a toolkit for embedding hypervisor capabilities in an application. In versions 0.20210107 and prior of HyperKit, the implementation of `qnotify` at `pci_vtrnd_notify` fails to check the return value of `vq_getchain`. This leads to `struct iovec iov;` being uninitialized and used to read memory in `len = (int) read(sc->vrsc_fd, iov.iov_base, iov.iov_len);` when an attacker is able to make `vq_getchain` fail. This issue may lead to a guest crashing the host causing a denial of service and, under certain circumstance, memory corruption. This issue is fixed in commit 41272a980197917df8e58ff90642d14dec8fe948.
Scores
CVSS v3
7.7
EPSS
0.0007
EPSS Percentile
21.6%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
Classification
CWE
CWE-252
CWE-908
Status
published
Affected Products (1)
mobyproject/hyperkit
< 0.20210107
Timeline
Published
Feb 17, 2023
Tracked Since
Feb 18, 2026