Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
NA

CVE-2023-1544

Published: 23/03/2023 Updated: 19/04/2024
CVSS v3 Base Score: 6.3 | Impact Score: 4 | Exploitability Score: 1.8
VMScore: 0
Subscribe to Qemu

Vulnerability Summary

A flaw was found in the QEMU implementation of VMWare's paravirtual RDMA device. This flaw allows a crafted guest driver to allocate and initialize a huge number of page tables to be used as a ring of descriptors for CQ and async events, potentially leading to an out-of-bounds read and crash of QEMU.

Vulnerable Product Search on Vulmon Subscribe to Product

qemu qemu

fedoraproject fedora 37

Vendor Advisories

Debian CVElist Bug Report Logs: qemu: CVE-2023-1544
Debian Bug report logs - #1034179 qemu: CVE-2023-1544 Package: src:qemu; Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>; Reported by: Moritz Mühlenhoff <jmm@inutilorg> Date: Mon, 10 Apr 2023 17:39:04 UTC Severity: important Tags: security, upstream Forwarded to list ...

References

CWE-770https://lists.nongnu.org/archive/html/qemu-devel/2023-03/msg00206.htmlhttps://bugzilla.redhat.com/show_bug.cgi?id=2180364https://security.netapp.com/advisory/ntap-20230511-0005/https://access.redhat.com/security/cve/CVE-2023-1544https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1034179https://nvd.nist.gov
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereferenceCVE-2023-52689CVE-2024-23803client sideCVE-2023-52696information disclosureCVE-2024-35843CVE-2024-27130CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook