Published: 06/12/2023 Updated: 11/03/2024

CVSS v3 Base Score: 7.1 | Impact Score: 5.2 | Exploitability Score: 1.8

VMScore: 0

A flaw was found in the 9p passthrough filesystem (9pfs) implementation in QEMU. The 9pfs server did not prohibit opening special files on the host side, potentially allowing a malicious client to escape from the exported 9p tree by creating and opening a device file in the shared folder.

Vulnerable Product	Search on Vulmon	Subscribe to Product
qemu qemu

A potential stack overflow via infinite loop issue was found in various NIC emulators of QEMU in versions up to and including 520 The issue occurs in loopback mode of a NIC wherein reentrant DMA checks get bypassed A guest user/process may use this flaw to consume CPU cycles or crash the QEMU process on the host resulting in DoS scenario (CVE- ...

Description This CVE is under investigation by Red Hat Product Security ...

Critical Infrastructure Sectors: Critical Manufacturing

NVD-CWE-Other https://access.redhat.com/security/cve/CVE-2023-2861 https://bugzilla.redhat.com/show_bug.cgi?id=2219266 https://security.netapp.com/advisory/ntap-20240125-0005/https://security.netapp.com/advisory/ntap-20240229-0002/https://lists.debian.org/debian-lts-announce/2024/03/msg00012.html https://nvd.nist.gov https://alas.aws.amazon.com/AL2/ALAS-2023-2148.html https://www.cisa.gov/news-events/ics-advisories/icsa-24-046-11

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2023-2861

Vulnerability Summary

Vendor Advisories

ICS Advisories

References

Vulmon Search

About

Products

Connect