CVE-2022-35414 — Use of Uninitialized Resource in Qemu

CWE-908 — Use of Uninitialized Resource CWE-457 — Use of Uninitialized Variable6 documents6 sources

Severity

8.8HIGHNVD

EPSS

0.3%

top 46.92%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Qemu Debian Qemu Debian Linux +9 more

Timeline

PublishedJul 11

Latest updateJul 12

Description

softmmu/physmem.c in QEMU through 7.0.0 can perform an uninitialized read on the translate_fail path, leading to an io_readx or io_writex crash. NOTE: a third party states that the Non-virtualization Use Case in the qemu.org reference applies here, i.e., "Bugs affecting the non-virtualization use case are not considered security bugs at this time.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:HExploitability: 2.0 | Impact: 6.0

Affected Packages12 packages

▶debiandebian/qemu< qemu 1:7.1+dfsg-1 (bookworm)

▶Debianqemu/qemu< 1:7.1+dfsg-1+2

▶NVDqemu/qemu4.1.50 — 7.0.0

▶msrcmsrc/cbl2_qemu_6.2.0-7_on_cbl_mariner_2.0

▶msrcmsrc/azl3_qemu_6.2.0-18_on_azure_linux_3.0

Also affects: Debian Linux 10.0

Patches

Patch: github.com ↗Patch: github.com ↗Patch: github.com ↗

🔴Vulnerability Details

GHSA

GHSA-78j4-r4gh-xcm9: softmmu/physmem↗2022-07-12

▶

OSV

CVE-2022-35414: softmmu/physmem↗2022-07-11

▶

📋Vendor Advisories

Microsoft

softmmu/physmem.c in QEMU through 7.0.0 can perform an uninitialized read on the translate_fail path leading to an io_readx or io_writex crash. NOTE: a third party states that the Non-virtualization U↗2022-07-12

▶

Red Hat

QEMU: cputlb: uninitialized read during address translation leads to a crash↗2022-07-11

▶

Debian

CVE-2022-35414: qemu - softmmu/physmem.c in QEMU through 7.0.0 can perform an uninitialized read on the...↗2022

▶