QEMU through 8.0.0 could trigger a division by zero in scsi_disk_reset in hw/scsi/scsi-disk.c because scsi_disk_emulate_mode_select does not prevent s->qdev.blocksize from being 256. This stops QEMU and the guest immediately.
References
Link | Resource |
---|---|
https://gitlab.com/qemu-project/qemu/-/commit/7cfcc79b0ab800959716738aff9419f53fc68c9c | |
https://gitlab.com/qemu-project/qemu/-/issues/1813 | Exploit Issue Tracking Third Party Advisory |
https://security.netapp.com/advisory/ntap-20231103-0005/ |
Configurations
History
04 Nov 2023, 06:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
17 Oct 2023, 16:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
13 Sep 2023, 14:32
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:* | |
CWE | CWE-369 | |
References | (MISC) https://gitlab.com/qemu-project/qemu/-/issues/1813 - Exploit, Issue Tracking, Third Party Advisory | |
References | (MISC) https://gitlab.com/thuth/qemu/-/commit/3f91104484e5bf55b56d7e1b039a4a5a17d0c1a7 - Patch | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.5 |
First Time |
Qemu
Qemu qemu |
11 Sep 2023, 04:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-09-11 04:15
Updated : 2024-02-28 20:33
NVD link : CVE-2023-42467
Mitre link : CVE-2023-42467
CVE.ORG link : CVE-2023-42467
JSON object : View
Products Affected
qemu
- qemu
CWE
CWE-369
Divide By Zero