CVE-2024-0340
CVSS v3.1
5.5 (Medium)
EPSS
0.04 % (5th)
Affected Products
1
Advisories
32
NVD Status
Modified
A vulnerability was found in vhost_new_msg in drivers/vhost/vhost.c in the Linux kernel, which does not properly initialize memory in messages passed between virtual guests and the host operating system in the vhost/vhost.c:vhost_new_msg() function. This issue can allow local privileged users to read some kernel memory contents when reading from the /dev/vhost-net device file.
Weaknesses
- CWE-200
- Exposure of Sensitive Information to an Unauthorized Actor
- CWE-NVD-noinfo
- CVE Status
- PUBLISHED
- NVD Status
- Modified
- CNA
- Red Hat, Inc.
- Published Date
-
2024-01-09 18:15:47
(8 months ago) - Updated Date
-
2024-09-14 00:15:14
(2 days ago)
Affected Products
Loading...
Loading...
Loading...
Configuration #1
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...