CVE-2022-23523

Published: Dec 13, 2022

Modified: Apr 18, 2025

PUBLISHED

CVSS v3.1

4.0

MEDIUM

Description

In versions prior to 0.8.1, the linux-loader crate uses the offsets and sizes provided in the ELF headers to determine the offsets to read from. If those offsets point beyond the end of the file this could lead to Virtual Machine Monitors using the `linux-loader` crate entering an infinite loop if the ELF header of the kernel they are loading was modified in a malicious manner. This issue has been addressed in 0.8.1. The issue can be mitigated by ensuring that only trusted kernel images are loaded or by verifying that the headers do not point beyond the end of the file.

Vendor	Product	Versions
rust-vmm	linux-loader	affected `< 0.8.1`

Weaknesses (CWE)

CWE-125

CWE-119

CVSS v3.1 Details

CVSS v3.1 Vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Attack Vector

Local

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

Low

References

https://github.com/rust-vmm/linux-loader/security/advisories/GHSA-52h2-m2cf-9jh6

x_refsource_CONFIRM

https://github.com/rust-vmm/linux-loader/pull/125

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2022-23523

Description

Affected Products

Weaknesses (CWE)

CVSS v3.1 Details

References