Launchpad CVE tracker

CVE 2023-0330

A vulnerability in the lsi53c895a device affects the latest version of qemu. A DMA-MMIO reentrancy problem may lead to memory corruption bugs like stack overflow or use-after-free.

Related bugs and status

CVE-2023-0330 (Candidate) is related to these bugs:

Bug #1994002: [SRU] migration was active, but no RAM info was set

		In	Importance	Status
1994002	[SRU] migration was active, but no RAM info was set	qemu (Ubuntu)	Medium	Fix Released
1994002	[SRU] migration was active, but no RAM info was set	qemu (Ubuntu Kinetic)	Medium	Fix Released
1994002	[SRU] migration was active, but no RAM info was set	qemu (Ubuntu Jammy)	Medium	Fix Released
1994002	[SRU] migration was active, but no RAM info was set	qemu (Ubuntu Focal)	Medium	Fix Released
1994002	[SRU] migration was active, but no RAM info was set	Ubuntu Cloud Archive	Undecided	Invalid
1994002	[SRU] migration was active, but no RAM info was set	Ubuntu Cloud Archive ussuri	Undecided	Fix Released
1994002	[SRU] migration was active, but no RAM info was set	qemu (Ubuntu Bionic)	Medium	Fix Released

Bug #2038888: [Debian] High CVE: CVE-2020-14394/CVE-2021-20196/.../CVE-2023-3301/CVE-2023-3354 qemu: multiple CVEs

Summary				In	Importance	Status
	2038888	[Debian] High CVE: CVE-2020-14394/CVE-2021-20196/.../CVE-2023-3301/CVE-2023-3354 qemu: multiple CVEs		StarlingX	High	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2023-0330

References