CVE-2024-26328 — Out-of-bounds Write in Qemu

CWE-787 — Out-of-bounds Write9 documents8 sources

Severity

6.0MEDIUMNVD

OSV5.3

EPSS

0.0%

top 87.52%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Qemu

Timeline

PublishedFeb 19

Latest updateAug 22

Description

An issue was discovered in QEMU 7.1.0 through 8.2.1. register_vfs in hw/pci/pcie_sriov.c does not set NumVFs to PCI_SRIOV_TOTAL_VF, and thus interaction with hw/nvme/ctrl.c is mishandled.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:HExploitability: 1.5 | Impact: 4.0

Affected Packages3 packages

▶Debianqemu/qemu< 1:7.2+dfsg-7+deb12u6+2

▶Ubuntuqemu/qemu< 1:8.2.2+ds-0ubuntu1.2

▶NVDqemu/qemu7.1.0 — 8.2.1

🔴Vulnerability Details

OSV

qemu vulnerabilities↗2024-08-22

▶

CVEList

CVE-2024-26328: An issue was discovered in QEMU 7↗2024-02-19

▶

GHSA

GHSA-5355-6wp2-29w4: An issue was discovered in QEMU 7↗2024-02-19

▶

OSV

CVE-2024-26328: An issue was discovered in QEMU 7↗2024-02-19

▶

📋Vendor Advisories

Ubuntu

QEMU vulnerabilities↗2024-08-22

▶

Red Hat

QEMU: NVMe: out-of-bounds memory access in nvme_sriov_pre_write_ctrl()↗2024-02-19

▶

Microsoft

An issue was discovered in QEMU 7.1.0 through 8.2.1. register_vfs in hw/pci/pcie_sriov.c does not set NumVFs to PCI_SRIOV_TOTAL_VF, and thus interaction with hw/nvme/ctrl.c is mishandled.↗2024-02-13

▶

Debian

CVE-2024-26328: qemu - An issue was discovered in QEMU 7.1.0 through 8.2.1. register_vfs in hw/pci/pcie...↗2024

▶