The NVMe driver function nvme_opc_get_log_page is vulnerable to a buffer over-read from a guest-controlled value.