Lucene search
PRIOn knowledge basePRION:CVE-2022-2962HistorySep 13, 2022 - 8:15 p.m.
Design/Logic Flaw
2022-09-1320:15:00
PRIOn knowledge base
www.prio-n.com
2
logic flaw
security issue
dma reentrancy
tulip emulation
qemu
denial of service
A DMA reentrancy issue was found in the Tulip device emulation in QEMU. When Tulip reads or writes to the rx/tx descriptor or copies the rx/tx frame, it doesn’t check whether the destination address is its own MMIO address. This can cause the device to trigger MMIO handlers multiple times, possibly leading to a stack or heap overflow. A malicious guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service condition.
Related
cbl_mariner
cbl_mariner
CVE-2022-2962 affecting package qemu for versions less than 6.2.0-13
2023-01-17 16:47:04
CVE-2022-2962 affecting package qemu for versions less than 6.2.0-18
2024-03-19 17:21:46
CVE-2022-2962 affecting package qemu-kvm 4.2.0-43
2023-01-12 20:55:00
cve
cve
CVE-2022-2962
2022-09-13 20:15:09
ubuntucve
ubuntucve
CVE-2022-2962
2022-09-13 00:00:00
nvd
nvd
CVE-2022-2962
2022-09-13 20:15:09
redhatcve
redhatcve
CVE-2022-2962
2022-08-23 13:10:01
osv
osv
CVE-2022-2962
2022-09-13 20:15:09
qemu vulnerabilities
2022-12-12 06:51:06
debiancve
debiancve
CVE-2022-2962
2022-09-13 20:15:09
cvelist
cvelist
CVE-2022-2962
2022-09-13 19:18:14
alpinelinux
alpinelinux
CVE-2022-2962
2022-09-13 20:15:09
veracode
veracode
Denial Of Service (DoS)
2022-09-18 01:10:34
ubuntu
ubuntu
QEMU vulnerabilities
2022-12-12 00:00:00
nessus
nessus
openvas
openvas
Ubuntu: Security Advisory (USN-5772-1)
2022-12-13 00:00:00