A vulnerability in the lsi53c895a device affects the latest version of qemu. A DMA-MMIO reentrancy problem may lead to memory corruption bugs like stack overflow or use-after-free.
References
| Link | Resource |
|---|---|
| https://access.redhat.com/security/cve/CVE-2023-0330 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=2160151 | |
| https://lists.debian.org/debian-lts-announce/2023/10/msg00006.html | Mailing List Third Party Advisory |
| https://lists.nongnu.org/archive/html/qemu-devel/2023-01/msg03411.html | Mailing List Patch |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
History
19 Apr 2024, 14:15
| Type | Values Removed | Values Added |
|---|---|---|
| References |
|
15 Nov 2023, 17:14
| Type | Values Removed | Values Added |
|---|---|---|
| First Time |
Debian
Debian debian Linux |
|
| CPE | cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:* | |
| References | (MLIST) https://lists.debian.org/debian-lts-announce/2023/10/msg00006.html - Mailing List, Third Party Advisory |
05 Oct 2023, 18:15
| Type | Values Removed | Values Added |
|---|---|---|
| References |
|
06 Jul 2023, 16:38
| Type | Values Removed | Values Added |
|---|---|---|
| CPE | cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:* cpe:2.3:a:qemu:qemu:8.0.0:rc1:*:*:*:*:*:* cpe:2.3:a:qemu:qemu:8.0.0:-:*:*:*:*:*:* cpe:2.3:a:qemu:qemu:8.0.0:rc4:*:*:*:*:*:* cpe:2.3:a:qemu:qemu:8.0.0:rc0:*:*:*:*:*:* cpe:2.3:a:qemu:qemu:8.0.0:rc2:*:*:*:*:*:* cpe:2.3:a:qemu:qemu:8.0.0:rc3:*:*:*:*:*:* |
Information
Published : 2023-03-06 23:15
Updated : 2024-04-19 14:15
NVD link : CVE-2023-0330
Mitre link : CVE-2023-0330
CVE.ORG link : CVE-2023-0330
JSON object : View
Products Affected
debian
- debian_linux
qemu
- qemu