REDHAT-BUG-2428640
An off-by-one error was found in QEMU's KVM Xen guest support. A malicious guest could use this flaw to trigger out-of-bounds heap accesses in the QEMU process via the emulated Xen physdev hypercall interface, leading to a denial of service or potential memory corruption. Patch: https://lore.kernel.org/qemu-devel/13FE03BE60EA78D6+20260109023548.4047-1-vr@darknavy.com/ Credit: DARKNAVY (@DarkNavyOrg)
Affected Software
Event History
Frequently Asked Questions
What is the severity of REDHAT-BUG-2428640?
The severity of REDHAT-BUG-2428640 has been classified as critical due to potential denial of service and memory corruption risks.
How do I fix REDHAT-BUG-2428640?
To fix REDHAT-BUG-2428640, apply the latest patch or update from the QEMU project that addresses this vulnerability.
What systems are affected by REDHAT-BUG-2428640?
REDHAT-BUG-2428640 affects QEMU versions that implement KVM Xen guest support.
What can an attacker do with the REDHAT-BUG-2428640 vulnerability?
An attacker can exploit REDHAT-BUG-2428640 to trigger out-of-bounds heap accesses, leading to a denial of service or potential memory corruption.
Is there a known exploit for REDHAT-BUG-2428640?
While specific exploits for REDHAT-BUG-2428640 are not publicly detailed, the nature of the vulnerability allows for potential exploitation by malicious guests.