"value":"A flaw was found in the virtio-net device in QEMU. When enabling the RSS feature on the virtio-net network card, the indirections_table data within RSS becomes controllable. Setting excessively large values may cause an index out-of-bounds issue, potentially resulting in heap overflow access. This flaw allows a privileged user in the guest to crash the QEMU process on the host."
}
]
},
"problemtype":{
"problemtype_data":[
{
"description":[
{
"lang":"eng",
"value":"Out-of-bounds Read",
"cweId":"CWE-125"
}
]
}
]
},
"affects":{
"vendor":{
"vendor_data":[
{
"vendor_name":"Red Hat",
"product":{
"product_data":[
{
"product_name":"Red Hat Enterprise Linux 6",
"version":{
"version_data":[
{
"version_value":"not down converted",
"x_cve_json_5_version_data":{
"defaultStatus":"unknown"
}
}
]
}
},
{
"product_name":"Red Hat Enterprise Linux 7",
"version":{
"version_data":[
{
"version_value":"not down converted",
"x_cve_json_5_version_data":{
"defaultStatus":"unknown"
}
},
{
"version_value":"not down converted",
"x_cve_json_5_version_data":{
"defaultStatus":"unknown"
}
}
]
}
},
{
"product_name":"Red Hat Enterprise Linux 8",
"version":{
"version_data":[
{
"version_value":"not down converted",
"x_cve_json_5_version_data":{
"defaultStatus":"affected"
}
}
]
}
},
{
"product_name":"Red Hat Enterprise Linux 8 Advanced Virtualization",
"value":"A viable mitigation for this vulnerability is to disable RSS on the nic/virtio driver. \nThis can be performed either with the following qemu-kvm command \"-device virtio-net-pci,rss=off\", or, alternatively, by directly modifying the KVM XML file to disable RSS using a standard configuration tool (ex. libvirt)."
