Wind River Support Network

HomeDefectsLIN1018-10497
Fixed

LIN1018-10497 : Security Advisory - qemu - CVE-2023-1544

Created: Mar 21, 2023    Updated: Jul 3, 2023
Resolved Date: Jul 3, 2023
Found In Version: 10.18.44.1
Severity: Standard
Applicable for: Wind River Linux LTS 18
Component/s: Userspace

Description

A flaw was found in the QEMU implementation of VMWare's paravirtual RDMA device. This flaw allows a crafted guest driver to allocate and initialize a huge number of page tables to be used as a ring of descriptors for CQ and async events, potentially leading to an out-of-bounds read and crash of QEMU.

https://nvd.nist.gov/vuln/detail/CVE-2023-1544
  • Linkedin
  • Facebook
  • Twitter
  • Youtube