CVE-2022-4172 — Classic Buffer Overflow in Qemu

CWE-120 — Classic Buffer Overflow CWE-190 — Integer Overflow or Wraparound8 documents7 sources

Severity

6.5MEDIUMNVD

OSV8.8

EPSS

0.0%

top 90.81%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Qemu Fedoraproject Fedora

Timeline

PublishedNov 29

Latest updateJun 19

Description

An integer overflow and buffer overflow issues were found in the ACPI Error Record Serialization Table (ERST) device of QEMU in the read_erst_record() and write_erst_record() functions. Both issues may allow the guest to overrun the host buffer allocated for the ERST memory device. A malicious guest could use these flaws to crash the QEMU process on the host.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:HExploitability: 2.0 | Impact: 4.0

Affected Packages3 packages

▶Debianqemu/qemu< 1:7.2+dfsg-1+2

▶Ubuntuqemu/qemu< 1:4.2-3ubuntu6.27+4

▶NVDqemu/qemu7.0.0

Also affects: Fedora 37

Patches

Patch: gitlab.com ↗Patch: gitlab.com ↗

🔴Vulnerability Details

OSV

qemu vulnerabilities↗2023-06-19

▶

GHSA

GHSA-7m5q-w7p8-x8h4: An integer overflow and buffer overflow issues were found in the ACPI Error Record Serialization Table (ERST) device of QEMU in the read_erst_record()↗2022-11-29

▶

CVEList

CVE-2022-4172: An integer overflow and buffer overflow issues were found in the ACPI Error Record Serialization Table (ERST) device of QEMU in the read_erst_record()↗2022-11-29

▶

OSV

CVE-2022-4172: An integer overflow and buffer overflow issues were found in the ACPI Error Record Serialization Table (ERST) device of QEMU in the read_erst_record()↗2022-11-29

▶

📋Vendor Advisories

Ubuntu

QEMU vulnerabilities↗2023-06-19

▶

Red Hat

QEMU: ACPI ERST: memory corruption issues in read_erst_record and write_erst_record↗2022-10-19

▶

Debian

CVE-2022-4172: qemu - An integer overflow and buffer overflow issues were found in the ACPI Error Reco...↗2022

▶