A vulnerability was found in QEMU. It has been classified as problematic. Affected is the function virtqueue_push of the component virtio-scsi/virtio-blk/virtio-crypto. The manipulation of the argument virtio_scsi_complete_req/virtio_blk_req_complete/virito_crypto_req_complete leads to buffer overflow.

This vulnerability is traded as CVE-2024-8612. Access to the local network is required for this attack to succeed. There is no exploit available.

It is recommended to apply a patch to fix this issue.