Lucene search
MitreCVELIST:CVE-2022-36648HistoryAug 22, 2023 - 12:00 a.m.
CVE-2022-36648
2023-08-2200:00:00
mitre
www.cve.org
1
hardware emulation
of_dpa_cmd_add_l2_flood
qemu
remote attackers
crash
host qemu
execute code
guest os
disputed vulnerability
third parties
The hardware emulation in the of_dpa_cmd_add_l2_flood of rocker device model in QEMU, as used in 7.0.0 and earlier, allows remote attackers to crash the host qemu and potentially execute code on the host via execute a malformed program in the guest OS. Note: This has been disputed by multiple third parties as not a valid vulnerability due to the rocker device not falling within the virtualization use case.
Related
osv
osv
CVE-2022-36648
2023-08-22 19:16:23
cbl_mariner
cbl_mariner
CVE-2022-36648 affecting package qemu for versions less than 6.2.0-18
2024-03-19 17:21:46
CVE-2022-36648 affecting package qemu for versions less than 6.2.0-17
2023-09-13 02:10:38
debiancve
debiancve
CVE-2022-36648
2023-08-22 19:16:23
cve
cve
CVE-2022-36648
2023-08-22 19:16:23
redhatcve
redhatcve
CVE-2022-36648
2024-01-03 11:01:01
prion
prion
Design/Logic Flaw
2023-08-22 19:16:00
nvd
nvd
CVE-2022-36648
2023-08-22 19:16:23
ubuntucve
ubuntucve
CVE-2022-36648
2023-08-22 00:00:00
redos
redos
ROS-20240401-01
2024-04-01 00:00:00