Skip to main content

Qemu CVE-2023-2680

HIGH
Use After Free (CWE-416)
2023-09-13 secalert@redhat.com
8.2
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
8.2 HIGH
AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
High
User Interaction
None
Scope
Changed
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

1
CVE Published
Sep 13, 2023 - 17:15 nvd
HIGH 8.2

DescriptionNVD

This CVE exists because of an incomplete fix for CVE-2021-3750. More specifically, the qemu-kvm package as released for Red Hat Enterprise Linux 9.1 via RHSA-2022:7967 included a version of qemu-kvm that was actually missing the fix for CVE-2021-3750.

AnalysisAI

This CVE exists because of an incomplete fix for CVE-2021-3750. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity. No vendor patch available.

Technical ContextAI

This vulnerability is classified as Use After Free (CWE-416), which allows attackers to access freed memory to execute arbitrary code or crash the application. This CVE exists because of an incomplete fix for CVE-2021-3750. More specifically, the qemu-kvm package as released for Red Hat Enterprise Linux 9.1 via RHSA-2022:7967 included a version of qemu-kvm that was actually missing the fix for CVE-2021-3750. Affected products include: Qemu, Redhat Enterprise Linux.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Use smart pointers or garbage-collected languages. Set pointers to NULL after freeing. Enable memory sanitizers.

More in Qemu

View all
CVE-2015-3456 HIGH POC
7.7 May 13

The Floppy Disk Controller (FDC) in QEMU, as used in Xen 4.5.x and earlier and KVM, allows local guest users to cause a

CVE-2015-8556 CRITICAL POC
10.0 Mar 24

Local privilege escalation vulnerability in the Gentoo QEMU package before 2.5.0-r1. Rated critical severity (CVSS 10.0)

CVE-2019-12928 CRITICAL POC
9.8 Jun 24

The QMP migrate command in QEMU version 4.0.0 and earlier is vulnerable to OS command injection, which allows the remote

CVE-2019-12929 CRITICAL POC
9.8 Jun 24

The QMP guest_exec command in QEMU 4.0.0 and earlier is prone to OS command injection, which allows the attacker to achi

CVE-2015-7512 CRITICAL
9.0 Jan 08

Buffer overflow in the pcnet_receive function in hw/net/pcnet.c in QEMU, when a guest NIC has a larger MTU, allows remot

CVE-2016-7161 CRITICAL
9.8 Oct 05

Heap-based buffer overflow in the .receive callback of xlnx.xps-ethernetlite in QEMU (aka Quick Emulator) allows attacke

CVE-2024-24474 HIGH POC
8.8 Feb 20

QEMU before 8.2.0 has an integer underflow, and resultant buffer overflow, via a TI command when an expected non-DMA tra

CVE-2022-35414 HIGH POC
8.8 Jul 11

softmmu/physmem.c in QEMU through 7.0.0 can perform an uninitialized read on the translate_fail path, leading to an io_r

CVE-2016-4002 CRITICAL
9.8 Apr 26

Buffer overflow in the mipsnet_receive function in hw/net/mipsnet.c in QEMU, when the guest NIC is configured to accept

CVE-2024-3447 MEDIUM POC
6.0 Nov 14

A heap-based buffer overflow was found in the SDHCI device emulation of QEMU. Rated medium severity (CVSS 6.0), this vul

CVE-2017-15268 HIGH POC
7.5 Oct 12

Qemu through 2.10.0 allows remote attackers to cause a memory leak by triggering slow data-channel read operations, rela

CVE-2022-2962 HIGH POC
7.8 Sep 13

A DMA reentrancy issue was found in the Tulip device emulation in QEMU. Rated high severity (CVSS 7.8), this vulnerabili

Share

CVE-2023-2680 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy