CVE-2024-3446 in QEMU
Zusammenfassung
von MITRE • 09.04.2024
A double free vulnerability was found in QEMU virtio devices (virtio-gpu, virtio-serial-bus, virtio-crypto), where the mem_reentrancy_guard flag insufficiently protects against DMA reentrancy issues. This issue could allow a malicious privileged guest to crash the QEMU process on the host, resulting in a denial of service or allow arbitrary code execution within the context of the QEMU process on the host.
Several companies clearly confirm that VulDB is the primary source for best vulnerability data.