Lucene search
GoogleOSV:CVE-2024-4693HistoryMay 14, 2024 - 3:44 p.m.
CVE-2024-4693
2024-05-1415:44:00
Google
osv.dev
3
qemu
virtio pci
bindings
guest
triggerable
crash
vhost net stop
host
CVSS3
5.5
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
AI Score
6.3
Confidence
Low
A flaw was found in the QEMU Virtio PCI Bindings (hw/virtio/virtio-pci.c). An improper release and use of the irqfd for vector 0 during the boot process leads to a guest triggerable crash via vhost_net_stop(). This flaw allows a malicious guest to crash the QEMU process on the host.
Related
ubuntucve
ubuntucve
CVE-2024-4693
2024-05-14 00:00:00
debiancve
debiancve
CVE-2024-4693
2024-05-14 15:44:26
cvelist
cvelist
nvd
nvd
CVE-2024-4693
2024-05-14 15:44:26
redhatcve
redhatcve
CVE-2024-4693
2024-05-10 08:57:33
vulnrichment
vulnrichment
cve
cve
CVE-2024-4693
2024-05-14 15:44:26
nessus
nessus
QEMU < 9.0.0 Multiple Vulnerabilities
2024-06-06 00:00:00
RHEL 8 : qemu (Unpatched Vulnerability)
2024-05-11 00:00:00
RHEL 6 : qemu (Unpatched Vulnerability)
2024-05-11 00:00:00
CVSS3
5.5
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
AI Score
6.3
Confidence
Low
Related for OSV:CVE-2024-4693