CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0CVE-2023-3019 – Qemu: e1000e: heap use-after-free in e1000e_write_packet_to_guest()
https://notcve.org/view.php?id=CVE-2023-3019
24 Jul 2023 — A DMA reentrancy issue leading to a use-after-free error was found in the e1000e NIC emulation code in QEMU. This issue could allow a privileged guest user to crash the QEMU process on the host, resulting in a denial of service. This update for qemu fixes the following issues. Fixed heap use-after-free in e1000e_write_packet_to_guest. Fixed NULL pointer dereference in qemu_clipboard_request. • https://access.redhat.com/errata/RHSA-2024:0135 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2023-3354 – Improper i/o watch removal in tls handshake can lead to remote unauthenticated denial of service
https://notcve.org/view.php?id=CVE-2023-3354
11 Jul 2023 — A flaw was found in the QEMU built-in VNC server. When a client connects to the VNC server, QEMU checks whether the current number of connections crosses a certain threshold and if so, cleans up the previous connection. If the previous connection happens to be in the handshake phase and fails, QEMU cleans up the connection again, resulting in a NULL pointer dereference issue. This could allow a remote unauthenticated client to cause a denial of service. This update for qemu fixes the following issues. • https://access.redhat.com/security/cve/CVE-2023-3354 • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2023-0664
https://notcve.org/view.php?id=CVE-2023-0664
29 Mar 2023 — A flaw was found in the QEMU Guest Agent service for Windows. A local unprivileged user may be able to manipulate the QEMU Guest Agent's Windows installer via repair custom actions to elevate their privileges on the system. • https://bugzilla.redhat.com/show_bug.cgi?id=2167423 • CWE-250: Execution with Unnecessary Privileges CWE-269: Improper Privilege Management •
CVSS: 6.0EPSS: 0%CPEs: 8EXPL: 0CVE-2023-0330 – Qemu: lsi53c895a: dma reentrancy issue leads to stack overflow
https://notcve.org/view.php?id=CVE-2023-0330
06 Mar 2023 — A vulnerability in the lsi53c895a device affects the latest version of qemu. A DMA-MMIO reentrancy problem may lead to memory corruption bugs like stack overflow or use-after-free. This update for qemu fixes the following issues. Fixed a memory leak due to a missing virtqueue detach on error. Fixed an use-after-free in nvme DMA reentrancy issue. • https://access.redhat.com/security/cve/CVE-2023-0330 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •