Published: 13/09/2023 Updated: 07/11/2023

CVSS v3 Base Score: 5.6 | Impact Score: 4 | Exploitability Score: 1.1

VMScore: 0

A flaw was found in QEMU. The async nature of hot-unplug enables a race scenario where the net device backend is cleared before the virtio-net pci frontend has been unplugged. A malicious guest could use this time window to trigger an assertion and cause a denial of service.

Vulnerable Product	Search on Vulmon	Subscribe to Product
qemu qemu
redhat enterprise linux 8.0
redhat enterprise linux 9.0

Synopsis Moderate: virt:rhel and virt-devel:rhel security, bug fix, and enhancement update Type/Severity Security Advisory: Moderate Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for the virt:rhel and virt-devel:rhel modules is now available for Red Ha ...

Critical Infrastructure Sectors: Critical Manufacturing

CWE-362 https://bugzilla.redhat.com/show_bug.cgi?id=2215784 https://access.redhat.com/security/cve/CVE-2023-3301 https://security.netapp.com/advisory/ntap-20231020-0008/https://access.redhat.com/errata/RHSA-2023:6980 https://nvd.nist.gov https://www.cisa.gov/news-events/ics-advisories/icsa-24-046-11

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2023-3301

Vulnerability Summary

Vendor Advisories

ICS Advisories

References

Vulmon Search

About

Products

Connect