CVE-2024-26328

Опубликовано: 19 фев. 2024

Источник: nvd

CVSS3: 6

EPSS Низкий

Описание

An issue was discovered in QEMU 7.1.0 through 8.2.1. register_vfs in hw/pci/pcie_sriov.c does not set NumVFs to PCI_SRIOV_TOTAL_VF, and thus interaction with hw/nvme/ctrl.c is mishandled.

Ссылки

https://lore.kernel.org/all/20240213055345-mutt-send-email-mst%40kernel.org/
Broken Link
https://security.netapp.com/advisory/ntap-20240419-0010/
Third Party Advisory
https://lore.kernel.org/all/20240213055345-mutt-send-email-mst%40kernel.org/
Broken Link
https://security.netapp.com/advisory/ntap-20240419-0010/
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*

Версия от 7.1.0 (включая) до 8.2.1 (включая)

EPSS

Процентиль: 7%

0.00031

Низкий

6 Medium

CVSS3

Дефекты

CWE-787

Связанные уязвимости

CVE-2024-26328

CVSS3: 6

ubuntu

больше 1 года назад

An issue was discovered in QEMU 7.1.0 through 8.2.1. register_vfs in hw/pci/pcie_sriov.c does not set NumVFs to PCI_SRIOV_TOTAL_VF, and thus interaction with hw/nvme/ctrl.c is mishandled.

CVE-2024-26328

CVSS3: 4.7

redhat

больше 1 года назад

An issue was discovered in QEMU 7.1.0 through 8.2.1. register_vfs in hw/pci/pcie_sriov.c does not set NumVFs to PCI_SRIOV_TOTAL_VF, and thus interaction with hw/nvme/ctrl.c is mishandled.

CVE-2024-26328

CVSS3: 6

msrc

25 дней назад

Описание отсутствует

CVE-2024-26328

CVSS3: 6

debian

больше 1 года назад

An issue was discovered in QEMU 7.1.0 through 8.2.1. register_vfs in h ...

GHSA-5355-6wp2-29w4

CVSS3: 6

github

больше 1 года назад

An issue was discovered in QEMU 7.1.0 through 8.2.1. register_vfs in hw/pci/pcie_sriov.c does not set NumVFs to PCI_SRIOV_TOTAL_VF, and thus interaction with hw/nvme/ctrl.c is mishandled.

EPSS

Процентиль: 7%

0.00031

Низкий

6 Medium

CVSS3

Дефекты

CWE-787