CVE-2023-5158

Summary

A flaw was found in vringh_kiov_advance in drivers/vhost/vringh.c in the host side of a virtio ring in the Linux Kernel. This issue may result in a denial of service from guest to host via zero length descriptor.

Affected Software

VendorProductVersion RangeStatus
n/akernel5.13-rc1unaffected

Weaknesses

  • CWE-684: Incorrect Provision of Specified Functionality

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References