A DMA reentrancy issue leading to a use-after-free error was found in the e1000e NIC emulation code in QEMU. This issue could allow a privileged guest user to crash the QEMU process on the host, resulting in a denial of service.
References
Link | Resource |
---|---|
https://access.redhat.com/errata/RHSA-2024:0135 | Third Party Advisory |
https://access.redhat.com/errata/RHSA-2024:0404 | Third Party Advisory |
https://access.redhat.com/errata/RHSA-2024:0569 | Third Party Advisory |
https://access.redhat.com/errata/RHSA-2024:2135 | |
https://access.redhat.com/security/cve/CVE-2023-3019 | Third Party Advisory |
https://bugzilla.redhat.com/show_bug.cgi?id=2222351 | Issue Tracking Patch Third Party Advisory |
Configurations
History
13 Sep 2024, 19:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
30 Apr 2024, 14:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
07 Mar 2024, 19:57
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:* | |
References | () https://access.redhat.com/errata/RHSA-2024:0135 - Third Party Advisory | |
References | () https://access.redhat.com/errata/RHSA-2024:0404 - Third Party Advisory | |
References | () https://access.redhat.com/errata/RHSA-2024:0569 - Third Party Advisory | |
References | () https://bugzilla.redhat.com/show_bug.cgi?id=2222351 - Issue Tracking, Patch, Third Party Advisory | |
References | () https://security.netapp.com/advisory/ntap-20230831-0005/ - Third Party Advisory |
30 Jan 2024, 17:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
25 Jan 2024, 20:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
10 Jan 2024, 15:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
31 Aug 2023, 19:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
02 Aug 2023, 01:00
Type | Values Removed | Values Added |
---|---|---|
First Time |
Qemu qemu
Redhat Qemu Redhat enterprise Linux |
|
CPE | cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:advanced_virtualization:*:*:* cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:-:*:*:* cpe:2.3:a:qemu:qemu:-:*:*:*:*:*:*:* |
|
References | (MISC) https://access.redhat.com/security/cve/CVE-2023-3019 - Third Party Advisory | |
References | (MISC) https://bugzilla.redhat.com/show_bug.cgi?id=2222351 - Issue Tracking, Third Party Advisory | |
CWE | CWE-416 | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.5 |
24 Jul 2023, 16:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-07-24 16:15
Updated : 2024-09-13 19:15
NVD link : CVE-2023-3019
Mitre link : CVE-2023-3019
CVE.ORG link : CVE-2023-3019
JSON object : View
Products Affected
redhat
- enterprise_linux
qemu
- qemu
CWE
CWE-416
Use After Free