CVE-2022-23523 MEDIUM

CVE-2022-23523: rust-vmm linux-loader vulnerable to Out-of-bounds Read

Vendor Rust-Vmm
Product linux-loader
Weakness CWE-125
Published December 13, 2022
Last update April 18, 2025

CVSS base score

4.0/10
Attack vector Local
Attack complexity Low
Privileges required None
User interaction None
Confidentiality None
Integrity None

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

What the vulnerability does

01 Description

In versions prior to 0.8.1, the linux-loader crate uses the offsets and sizes provided in the ELF headers to determine the offsets to read from. If those offsets point beyond the end of the file, Virtual Machine Monitors using the `linux-loader` crate could enter an infinite loop when the ELF header of the kernel they are loading has been modified in a malicious manner. This issue has been addressed in 0.8.1. The issue can be mitigated by ensuring that only trusted kernel images are loaded or by verifying that the headers do not point beyond the end of the file.
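The second mitigation above (verifying that the headers do not point beyond the end of the file) can be done before the image is handed to the loader. The following is an added example, not code from the linux-loader crate or its fix; `check_elf64_bounds`, `BoundsError` and `sample_image` are hypothetical names, and it assumes a little-endian ELF64 image held fully in memory and checks only the program header table and each segment's file range.

```rust
// Added example: pre-load bounds check for a little-endian ELF64 kernel image.
// All names here are hypothetical and are not part of the linux-loader API.
#[derive(Debug, PartialEq)]
pub enum BoundsError { TooShort, NotElf64Le, PhdrTableOutOfBounds, SegmentOutOfBounds(u64) }

fn u16_at(b: &[u8], o: usize) -> u64 { u16::from_le_bytes([b[o], b[o + 1]]) as u64 }
fn u64_at(b: &[u8], o: usize) -> u64 {
    let mut a = [0u8; 8];
    a.copy_from_slice(&b[o..o + 8]);
    u64::from_le_bytes(a)
}

pub fn check_elf64_bounds(image: &[u8]) -> Result<(), BoundsError> {
    if image.len() < 64 { return Err(BoundsError::TooShort); } // ELF64 header is 64 bytes
    // Magic, EI_CLASS = 2 (64-bit), EI_DATA = 1 (little-endian).
    if !image.starts_with(b"\x7fELF") || image[4] != 2 || image[5] != 1 {
        return Err(BoundsError::NotElf64Le);
    }
    let len = image.len() as u64;
    let (phoff, phentsize, phnum) = (u64_at(image, 0x20), u16_at(image, 0x36), u16_at(image, 0x38));
    // Checked arithmetic: an attacker-chosen e_phoff must not wrap around.
    let table_end = phentsize.checked_mul(phnum).and_then(|s| phoff.checked_add(s));
    // Entries smaller than 56 bytes cannot hold an ELF64 program header; this
    // also rejects images with no usable program header table.
    if phentsize < 56 || table_end.map_or(true, |end| end > len) {
        return Err(BoundsError::PhdrTableOutOfBounds);
    }
    for i in 0..phnum {
        let base = (phoff + i * phentsize) as usize; // in bounds: table_end <= len
        let (p_offset, p_filesz) = (u64_at(image, base + 8), u64_at(image, base + 32));
        if p_offset.checked_add(p_filesz).map_or(true, |end| end > len) {
            return Err(BoundsError::SegmentOutOfBounds(i));
        }
    }
    Ok(())
}

/// Constructed sample: 64-byte ELF64 header, one program header, 16 payload bytes.
pub fn sample_image(p_offset: u64, p_filesz: u64) -> Vec<u8> {
    let mut img = vec![0u8; 64 + 56 + 16];
    img[..6].copy_from_slice(b"\x7fELF\x02\x01");
    img[0x20..0x28].copy_from_slice(&64u64.to_le_bytes()); // e_phoff
    img[0x36..0x38].copy_from_slice(&56u16.to_le_bytes()); // e_phentsize
    img[0x38..0x3a].copy_from_slice(&1u16.to_le_bytes()); // e_phnum
    img[72..80].copy_from_slice(&p_offset.to_le_bytes()); // p_offset
    img[96..104].copy_from_slice(&p_filesz.to_le_bytes()); // p_filesz
    img
}

fn main() {
    println!("{:?}", check_elf64_bounds(&sample_image(120, 16)));
    println!("{:?}", check_elf64_bounds(&sample_image(120, u64::MAX)));
}
```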

Key dates

02 Disclosure timeline

December 13, 2022 CVE published
April 18, 2025 Record updated