CVE-2024-7730

{"id": "CVE-2024-7730", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "patrick@puiterwijk.org", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.4, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.4}]}, "published": "2024-11-14T12:15:18.857", "references": [{"url": "https://access.redhat.com/security/cve/CVE-2024-7730", "source": "patrick@puiterwijk.org"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2304289", "source": "patrick@puiterwijk.org"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "patrick@puiterwijk.org", "description": [{"lang": "en", "value": "CWE-122"}]}], "descriptions": [{"lang": "en", "value": "A heap buffer overflow was found in the virtio-snd device in QEMU. When reading input audio in the virtio-snd input callback, virtio_snd_pcm_in_cb, the function did not check whether the iov can fit the data buffer. This issue can trigger an out-of-bounds write if the size of the virtio queue element is equal to virtio_snd_pcm_status, which makes the available space for audio data zero."}, {"lang": "es", "value": "Se encontr\u00f3 un desbordamiento del b\u00fafer de mont\u00f3n en el dispositivo virtio-snd en QEMU. Al leer el audio de entrada en la devoluci\u00f3n de llamada de entrada virtio-snd, virtio_snd_pcm_in_cb, la funci\u00f3n no verific\u00f3 si el iov puede caber en el b\u00fafer de datos. Este problema puede desencadenar una escritura fuera de los l\u00edmites si el tama\u00f1o del elemento de cola virtio es igual a virtio_snd_pcm_status, lo que hace que el espacio disponible para los datos de audio sea cero."}], "lastModified": "2024-11-15T13:58:08.913", "sourceIdentifier": "patrick@puiterwijk.org"}