CVE-2021-32845

Published: Feb 17, 2023

Modified: Mar 10, 2025

PUBLISHED

CVSS v3.1

7.7

HIGH

Description

HyperKit is a toolkit for embedding hypervisor capabilities in an application. In versions 0.20210107 and prior of HyperKit, the implementation of `qnotify` at `pci_vtrnd_notify` fails to check the return value of `vq_getchain`. This leads to `struct iovec iov;` being uninitialized and used to read memory in `len = (int) read(sc->vrsc_fd, iov.iov_base, iov.iov_len);` when an attacker is able to make `vq_getchain` fail. This issue may lead to a guest crashing the host causing a denial of service and, under certain circumstance, memory corruption. This issue is fixed in commit 41272a980197917df8e58ff90642d14dec8fe948.

Vendor	Product	Versions
moby	hyperkit	affected `0.20210107 - <= 0.20210107`

Weaknesses (CWE)

CWE-908

CVSS v3.1 Details

CVSS v3.1 Vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

Attack Vector

Local

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

High

Availability

High

References

https://securitylab.github.com/advisories/GHSL-2021-054_057-moby-hyperkit/

https://github.com/moby/hyperkit/pull/313

https://github.com/moby/hyperkit/commit/41272a980197917df8e58ff90642d14dec8fe948

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2021-32845

Description

Affected Products

Weaknesses (CWE)

CVSS v3.1 Details

References