Lucene search
HistoryMar 06, 2023 - 11:15 p.m.
CVE-2023-0330
vulnerability
lsi53c895a
qemu
memory corruption
dma-mmio
reentrancy
stack overflow
use-after-free
cve-2023-0330
nvd
6 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H
6.6 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
5.1%
A vulnerability in the lsi53c895a device affects the latest version of qemu. A DMA-MMIO reentrancy problem may lead to memory corruption bugs like stack overflow or use-after-free.
Affected configurations
Node
qemuqemuRange7.2.0–7.2.3
ORqemuqemuMatch8.0.0-
ORqemuqemuMatch8.0.0rc0
ORqemuqemuMatch8.0.0rc1
ORqemuqemuMatch8.0.0rc2
ORqemuqemuMatch8.0.0rc3
ORqemuqemuMatch8.0.0rc4
Node
debiandebian_linuxMatch10.0
CNA Affected
[
{
"versions": [
{
"status": "unaffected",
"version": "8.1.0-rc0",
"lessThan": "*",
"versionType": "semver"
}
],
"packageName": "qemu",
"collectionURL": "https://gitlab.com/qemu-project/qemu",
"defaultStatus": "affected"
}
]Related
prion
prion
Stack overflow
2023-03-06 23:15:00
nessus
nessus
EulerOS Virtualization 2.9.0 : qemu-kvm (EulerOS-SA-2023-2031)
2023-06-01 00:00:00
Amazon Linux 2 : qemu (ALAS-2023-2191)
2023-08-14 00:00:00
EulerOS Virtualization 2.9.1 : qemu-kvm (EulerOS-SA-2023-2010)
2023-06-02 00:00:00
openvas
openvas
Huawei EulerOS: Security Advisory for qemu-kvm (EulerOS-SA-2023-2010)
2023-06-01 00:00:00
Huawei EulerOS: Security Advisory for qemu-kvm (EulerOS-SA-2023-2031)
2023-06-01 00:00:00
Debian: Security Advisory (DLA-3604-1)
2023-10-06 00:00:00
alpinelinux
alpinelinux
CVE-2023-0330
2023-03-06 23:15:11
vulnrichment
vulnrichment
CVE-2023-0330 Qemu: lsi53c895a: dma reentrancy issue leads to stack overflow
2023-03-06 00:00:00
osv
osv
CVE-2023-0330
2023-03-06 23:15:11
qemu - security update
2023-10-05 00:00:00
qemu vulnerabilities
2023-06-19 02:52:13
redhatcve
redhatcve
CVE-2023-0330
2023-01-16 22:04:58
cvelist
cvelist
CVE-2023-0330 Qemu: lsi53c895a: dma reentrancy issue leads to stack overflow
2023-03-06 00:00:00
nvd
nvd
CVE-2023-0330
2023-03-06 23:15:11
debiancve
debiancve
CVE-2023-0330
2023-03-06 23:15:11
veracode
veracode
Out-of-bounds Write
2023-06-06 11:25:43
ubuntucve
ubuntucve
CVE-2023-0330
2023-03-06 00:00:00
amazon
amazon
Medium: qemu
2023-08-03 18:10:00
Medium: qemu
2023-07-17 17:40:00
rosalinux
rosalinux
Advisory ROSA-SA-2023-2302
2023-12-05 10:39:31
oraclelinux
oraclelinux
qemu security update
2023-09-22 00:00:00
qemu security update
2023-09-22 00:00:00
virt:kvm_utils1 security update
2024-02-12 00:00:00
debian
debian
[SECURITY] [DLA 3604-1] qemu security update
2023-10-05 16:13:52
ubuntu
ubuntu
QEMU vulnerabilities
2023-06-19 00:00:00
redos
redos
ROS-20240329-15
2024-03-29 00:00:00
ics
ics
Siemens SCALANCE XCM-/XRM-300
2024-02-15 12:00:00
6 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H
6.6 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
5.1%
Related for CVE-2023-0330