A flaw was found in the QEMU implementation of VMWare’s paravirtual RDMA
device. This flaw allows a crafted guest driver to allocate and initialize
a huge number of page tables to be used as a ring of descriptors for CQ and
async events, potentially leading to an out-of-bounds read and crash of
QEMU.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 18.04 | noarch | qemu | < any | UNKNOWN |
ubuntu | 20.04 | noarch | qemu | < 1:4.2-3ubuntu6.28 | UNKNOWN |
ubuntu | 22.04 | noarch | qemu | < 1:6.2+dfsg-2ubuntu6.16 | UNKNOWN |
ubuntu | 23.04 | noarch | qemu | < 1:7.2+dfsg-5ubuntu2.4 | UNKNOWN |
ubuntu | 23.10 | noarch | qemu | < 1:8.0.4+dfsg-1ubuntu3.23.10.2 | UNKNOWN |
ubuntu | 24.04 | noarch | qemu | < 1:8.1.3+ds-1ubuntu1 | UNKNOWN |
ubuntu | 14.04 | noarch | qemu | < any | UNKNOWN |
ubuntu | 16.04 | noarch | qemu | < any | UNKNOWN |