CVE-2021-3608
Description
A flaw was found in the QEMU implementation of VMware's paravirtual RDMA device in versions prior to 6.1.0. The issue occurs while handling a PVRDMA_REG_DSRHIGH write from the guest and may result in a crash of QEMU or cause undefined behavior due to the access of an uninitialized pointer. The highest threat from this vulnerability is to system availability.
Risk Information
Base Score
6.0
MODERATE
Vector
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H
EPSS Score
Exploitation Probability
0.037
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Machine emulator and virtualizer (USN-5010-1) qemu_5.0-5ubuntu9.9_amd64.deb | Linux |
| Machine emulator and virtualizer (USN-5010-1) qemu_4.2-3ubuntu6.17_amd64.deb | Linux |
| Machine emulator and virtualizer (USN-5010-1) qemu_5.2+dfsg-9ubuntu3.1_amd64.deb | Linux |
| Machine emulator and virtualizer (USN-5010-1) qemu_2.11+dfsg-1ubuntu7.37_i386.deb | Linux |
| Machine emulator and virtualizer (USN-5010-1) qemu_2.11+dfsg-1ubuntu7.37_amd64.deb | Linux |
| Machine emulator and virtualizer (USN-5010-1) qemu-system_5.0-5ubuntu9.9_amd64.deb | Linux |
| Machine emulator and virtualizer (USN-5010-1) qemu-system_4.2-3ubuntu6.17_amd64.deb | Linux |
| Machine emulator and virtualizer (USN-5010-1) qemu-system_5.2+dfsg-9ubuntu3.1_amd64.deb | Linux |
| Machine emulator and virtualizer (USN-5010-1) qemu-system_2.11+dfsg-1ubuntu7.37_i386.deb | Linux |
| Machine emulator and virtualizer (USN-5010-1) qemu-system_2.11+dfsg-1ubuntu7.37_amd64.deb | Linux |
| Machine emulator and virtualizer (USN-5010-1) qemu-system-x86_5.0-5ubuntu9.9_amd64.deb | Linux |
| Machine emulator and virtualizer (USN-5010-1) qemu-system-x86_4.2-3ubuntu6.17_amd64.deb | Linux |
| Machine emulator and virtualizer (USN-5010-1) qemu-system-x86_5.2+dfsg-9ubuntu3.1_amd64.deb | Linux |
| Qemu update (ELSA-2021-9425) qemu-4.2.1-11.el7.x86_64.rpm | Linux |
| Qemu-block-gluster update (ELSA-2021-9425) qemu-block-gluster-4.2.1-11.el7.x86_64.rpm | Linux |
| Qemu-block-iscsi update (ELSA-2021-9425) qemu-block-iscsi-4.2.1-11.el7.x86_64.rpm | Linux |
| Qemu-block-rbd update (ELSA-2021-9425) qemu-block-rbd-4.2.1-11.el7.x86_64.rpm | Linux |
| Qemu-common update (ELSA-2021-9425) qemu-common-4.2.1-11.el7.x86_64.rpm | Linux |
| Qemu-img update (ELSA-2021-9425) qemu-img-4.2.1-11.el7.x86_64.rpm | Linux |
| Qemu-kvm update (ELSA-2021-9425) qemu-kvm-4.2.1-11.el7.x86_64.rpm | Linux |
| Qemu-kvm-core update (ELSA-2021-9425) qemu-kvm-core-4.2.1-11.el7.x86_64.rpm | Linux |
| Qemu-system-x86 update (ELSA-2021-9425) qemu-system-x86-4.2.1-11.el7.x86_64.rpm | Linux |
| Qemu-system-x86-core update (ELSA-2021-9425) qemu-system-x86-core-4.2.1-11.el7.x86_64.rpm | Linux |
Patch Details
No records found
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234