VDB
CNVD-2023-61010
CNVD-2023-61010
PUBLISHED
CVSS 6 MEDIUM
QEMU是法国法布里斯-贝拉(Fabrice Bellard)个人开发者的一套模拟处理器软件。该软件具有速度快、跨平台等特点。 QEMU存在内存错误引用漏洞,该漏洞源于e1000e NIC仿真代码负责释放内存的指令发生混乱。攻击者可利用该漏洞使主机上的QEMU进程崩溃,进而导致拒绝服务。
Risk Scores
CVSS v3.1
6
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Red Hat | Red Hat Enterprise Linux 8 Advanced Virtualization | |
| Red Hat | Red Hat Enterprise Linux 7 | |
| Red Hat | Red Hat Enterprise Linux 8 | * |
| Red Hat | Red Hat Enterprise Linux 8 | 8090020231206155326.a75119d5 |
| Red Hat | Red Hat Enterprise Linux 8.8 Extended Update Support | 8080020240116113044.63b34585 |
| Red Hat | Red Hat Enterprise Linux 8.8 Extended Update Support | * |
| Red Hat | Red Hat Enterprise Linux 8.6 Extended Update Support | 8060020231128234847.ad008a3a |
| Red Hat | Red Hat Enterprise Linux 6 | |
| Red Hat | Red Hat Enterprise Linux 7 | |
| Red Hat | Red Hat Enterprise Linux 8.6 Extended Update Support | 8060020231128234847.ad008a3a |
| Red Hat | Red Hat Enterprise Linux 9 | 17:8.2.0-11.el9_4 |
Timeline
- Jul 12, 2023 CVE Published
- Jul 24, 2023 PoC Published
- May 4, 2026 Distribution Patch
- May 4, 2026 Distribution Patch
- May 4, 2026 Distribution Patch
- May 4, 2026 Distribution Patch
- May 4, 2026 Security Advisory
- May 4, 2026 Security Advisory
- May 4, 2026 Security Advisory
- May 4, 2026 Security Advisory
References
- RHSA-2024:0135 vendor-advisory
- RHSA-2024:0404 vendor-advisory
- RHSA-2024:0569 vendor-advisory
- RHSA-2024:2135 vendor-advisory
- https://access.redhat.com/security/cve/CVE-2023-3019 vdb
- RHBZ#2222351 issue
- https://security.netapp.com/advisory/ntap-20230831-0005/ url
- https://lists.debian.org/debian-lts-announce/2025/04/msg00042.html url