USN-6167-1: QEMU vulnerabilities

2023-06-19 KENNETH Ubuntu security 0

USN-6167-1: QEMU vulnerabilities

It was discovered that QEMU did not properly manage the guest drivers when
shared buffers are not allocated. A malicious guest driver could use this
issue to cause QEMU to crash, resulting in a denial of service, or possibly
execute arbitrary code. This issue only affected Ubuntu 20.04 LTS, Ubuntu
22.04 LTS and Ubuntu 22.10. (CVE-2022-1050)

It was discovered that QEMU did not properly check the size of the
structure pointed to by the guest physical address pqxl. A malicious guest
attacker could use this issue to cause QEMU to crash, resulting in a denial
of service. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS,
Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS and Ubuntu 22.10.
(CVE-2022-4144)

It was discovered that QEMU did not properly manage memory in the ACPI
Error Record Serialization Table (ERST) device. A malicious guest attacker
could use this issue to cause QEMU to crash, resulting in a denial of
service. This issue only affected Ubuntu 22.10. (CVE-2022-4172)

It was discovered that QEMU did not properly manage memory when DMA memory
writes happen repeatedly in the lsi53c895a device. A malicious guest
attacker could use this issue to cause QEMU to crash, resulting in a denial
of service. (CVE-2023-0330)
Source: USN-6167-1: QEMU vulnerabilities

About KENNETH 19694 Articles
지락문화예술공작단

Be the first to comment

Leave a Reply

Your email address will not be published.


*


이 사이트는 스팸을 줄이는 아키스밋을 사용합니다. 댓글이 어떻게 처리되는지 알아보십시오.