CVE-2024-3446

CVSS V2 None CVSS V3 None
Description
A double free vulnerability was found in QEMU virtio devices (virtio-gpu, virtio-serial-bus, virtio-crypto), where the mem_reentrancy_guard flag insufficiently protects against DMA reentrancy issues. This issue could allow a malicious privileged guest user to crash the QEMU process on the host, resulting in a denial of service or allow arbitrary code execution within the context of the QEMU process on the host.
Overview
  • CVE ID
  • CVE-2024-3446
  • Assigner
  • redhat
  • Vulnerability Status
  • PUBLISHED
  • Published Version
  • 2024-04-09T19:34:45.646Z
  • Last Modified Date
  • 2024-04-25T17:46:02.079Z
History
Created Old Value New Value Data Type Notes
2024-06-23 23:58:11 Added to TrackCVE