Уязвимость CVE-2024-3446: Информация
Описание
A double free vulnerability was found in QEMU virtio devices (virtio-gpu, virtio-serial-bus, virtio-crypto), where the mem_reentrancy_guard flag insufficiently protects against DMA reentrancy issues. This issue could allow a malicious privileged guest user to crash the QEMU process on the host, resulting in a denial of service or allow arbitrary code execution within the context of the QEMU process on the host.
Исправленные пакеты
Имя пакета | Ветка | Исправлено в версии | Версия в репозитории | Errata ID | № Задания | Состояние |
---|---|---|---|---|---|---|
qemu | sisyphus | 8.2.3-alt1 | 8.2.4-alt1 | ALT-PU-2024-7560-2 | 347599 | Исправлено |
qemu | sisyphus_loongarch64 | 8.2.3-alt1 | 8.2.3-alt1 | ALT-PU-2024-7731-1 | - | Исправлено |
qemu | p11 | 8.2.3-alt1 | 8.2.3-alt1 | ALT-PU-2024-7560-2 | 347599 | Исправлено |