CVE-2023-3301 — Reachable Assertion in Qemu

CWE-617 — Reachable Assertion CWE-362 — Race Condition11 documents9 sources

Severity

5.6MEDIUMNVD

OSV3.2

EPSS

0.0%

top 99.70%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Qemu Redhat Enterprise Linux

Timeline

PublishedSep 13

Latest updateJun 6

Description

A flaw was found in QEMU. The async nature of hot-unplug enables a race scenario where the net device backend is cleared before the virtio-net pci frontend has been unplugged. A malicious guest could use this time window to trigger an assertion and cause a denial of service.

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:HExploitability: 1.1 | Impact: 4.0

Affected Packages3 packages

▶Debianqemu/qemu< 1:5.2+dfsg-11+deb11u3+3

▶Ubuntuqemu/qemu< 1:4.2-3ubuntu6.28+3

▶NVDqemu/qemu8.0.3

Also affects: Enterprise Linux 8.0, 9.0

Patches

Patch: access.redhat.com ↗Patch: access.redhat.com ↗

🔴Vulnerability Details

OSV

qemu regression↗2024-06-06

▶

OSV

qemu vulnerabilities↗2024-01-08

▶

OSV

CVE-2023-3301: A flaw was found in QEMU↗2023-09-13

▶

GHSA

GHSA-cp42-9j6q-v649: A flaw was found in QEMU↗2023-09-13

▶

CVEList

Triggerable assertion due to race condition in hot-unplug↗2023-09-13

▶

📋Vendor Advisories

CISA ICS

Siemens SCALANCE XCM-/XRM-300↗2024-02-15

▶

Ubuntu

QEMU vulnerabilities↗2024-01-08

▶

Microsoft

Triggerable assertion due to race condition in hot-unplug↗2023-09-12

▶

Red Hat

QEMU: net: triggerable assertion due to race condition in hot-unplug↗2023-06-19

▶

Debian

CVE-2023-3301: qemu - A flaw was found in QEMU. The async nature of hot-unplug enables a race scenario...↗2023

▶