Описание
A double free vulnerability was found in QEMU virtio devices (virtio-gpu, virtio-serial-bus, virtio-crypto), where the mem_reentrancy_guard flag insufficiently protects against DMA reentrancy issues. This issue could allow a malicious privileged guest user to crash the QEMU process on the host, resulting in a denial of service or allow arbitrary code execution within the context of the QEMU process on the host.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 1:9.0.2+ds-4ubuntu2 |
| esm-infra-legacy/trusty | released | 2.0.0+dfsg-2ubuntu1.47+esm6 |
| esm-infra-legacy/xenial | released | 1:2.5+dfsg-5ubuntu10.51+esm4 |
| esm-infra/bionic | released | 1:2.11+dfsg-1ubuntu7.42+esm5 |
| esm-infra/focal | released | 1:4.2-3ubuntu6.30+esm1 |
| esm-infra/xenial | ignored | end of ESM support, was needs-triage |
| focal | ignored | end of standard support, was needs-triage |
| jammy | released | 1:6.2+dfsg-2ubuntu6.27 |
| mantic | ignored | end of life, was needs-triage |
| noble | released | 1:8.2.2+ds-0ubuntu1.10 |
Показывать по
EPSS
8.2 High
CVSS3
Связанные уязвимости
A double free vulnerability was found in QEMU virtio devices (virtio-gpu, virtio-serial-bus, virtio-crypto), where the mem_reentrancy_guard flag insufficiently protects against DMA reentrancy issues. This issue could allow a malicious privileged guest user to crash the QEMU process on the host, resulting in a denial of service or allow arbitrary code execution within the context of the QEMU process on the host.
A double free vulnerability was found in QEMU virtio devices (virtio-gpu, virtio-serial-bus, virtio-crypto), where the mem_reentrancy_guard flag insufficiently protects against DMA reentrancy issues. This issue could allow a malicious privileged guest user to crash the QEMU process on the host, resulting in a denial of service or allow arbitrary code execution within the context of the QEMU process on the host.
A double free vulnerability was found in QEMU virtio devices (virtio-g ...
A double free vulnerability was found in QEMU virtio devices (virtio-gpu, virtio-serial-bus, virtio-crypto), where the mem_reentrancy_guard flag insufficiently protects against DMA reentrancy issues. This issue could allow a malicious privileged guest to crash the QEMU process on the host, resulting in a denial of service or allow arbitrary code execution within the context of the QEMU process on the host.
Уязвимость эмулятора аппаратного обеспечения QEMU, связанная с ошибкой повторного освобождения памяти, позволяющая нарушителю выполнить произвольный код
EPSS
8.2 High
CVSS3