[Debian] High CVE: CVE-2022-1050 qemu: a use-after-free condition
Bug #2059901 reported by
Yue Tao
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
StarlingX |
Triaged
|
High
|
Unassigned |
Bug Description
CVE-2022-1050: https:/
A flaw was found in the QEMU implementation of VMWare's paravirtual RDMA device. This flaw allows a crafted guest driver to execute HW commands when shared buffers are not yet allocated, potentially leading to a use-after-free condition.
Base Score: High
Reference:
['qemu_
CVE References
summary: |
- [Debian] High CVE: CVE-2022-1050 qemu: leading to a use-after-free - condition + [Debian] High CVE: CVE-2022-1050 qemu: a use-after-free condition |
To post a comment you must log in.
Changing the target release to stx.10.0 since the r/stx.9.0 release branch is created and the team doesn't port CVE fixes to released branches.