CVE-2024-3446 in QEMUinfo

Zusammenfassung

von MITRE • 09.04.2024

A double free vulnerability was found in QEMU virtio devices (virtio-gpu, virtio-serial-bus, virtio-crypto), where the mem_reentrancy_guard flag insufficiently protects against DMA reentrancy issues. This issue could allow a malicious privileged guest to crash the QEMU process on the host, resulting in a denial of service or allow arbitrary code execution within the context of the QEMU process on the host.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Zuständig

Red Hat, Inc.

Reservieren

08.04.2024

Veröffentlichung

09.04.2024

Moderieren

akzeptiert

Eintrag

VDB-260110

CPE

bereit

EPSS

0.00278

KEV

nein

Aktivitäten

very low

Quellen

Might our Artificial Intelligence support you?

Check our Alexa App!