Launchpad CVE tracker

CVE 2023-1544

A flaw was found in the QEMU implementation of VMWare's paravirtual RDMA device. This flaw allows a crafted guest driver to allocate and initialize a huge number of page tables to be used as a ring of descriptors for CQ and async events, potentially leading to an out-of-bounds read and crash of QEMU.

Related bugs and status

CVE-2023-1544 (Candidate) is related to these bugs:

Bug #2038888: [Debian] High CVE: CVE-2020-14394/CVE-2021-20196/.../CVE-2023-3301/CVE-2023-3354 qemu: multiple CVEs

Summary				In	Importance	Status
	2038888	[Debian] High CVE: CVE-2020-14394/CVE-2021-20196/.../CVE-2023-3301/CVE-2023-3354 qemu: multiple CVEs		StarlingX	High	Fix Released

See the

CVE page on Mitre.org for more details.

References

MISC: https://bugzilla.redha...
MISC: https://lists.nongnu.o...
MISC: https://access.redhat....
MISC: https://security.netap...

Launchpad.net

CVE 2023-1544

Related bugs and status

Related bugs

References