Unrated severityNVD Advisory· Published Sep 13, 2023· Updated Feb 13, 2025
Dma reentrancy issue (incomplete fix for cve-2021-3750)
CVE-2023-2680
Description
This CVE exists because of an incomplete fix for CVE-2021-3750. More specifically, the qemu-kvm package as released for Red Hat Enterprise Linux 9.1 via RHSA-2022:7967 included a version of qemu-kvm that was actually missing the fix for CVE-2021-3750.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
40- osv-coords38 versionspkg:apk/chainguard/qemupkg:apk/chainguard/qemu-edk2-aarch64pkg:apk/chainguard/qemu-edk2-x86_64pkg:apk/chainguard/qemu-ipxepkg:apk/chainguard/qemu-system-aarch64pkg:apk/chainguard/qemu-system-x86_64pkg:apk/chainguard/qemu-userpkg:apk/chainguard/qemu-user-binfmtpkg:apk/chainguard/qemu-utilspkg:apk/wolfi/qemupkg:apk/wolfi/qemu-edk2-aarch64pkg:apk/wolfi/qemu-edk2-x86_64pkg:apk/wolfi/qemu-ipxepkg:apk/wolfi/qemu-system-aarch64pkg:apk/wolfi/qemu-system-x86_64pkg:apk/wolfi/qemu-userpkg:apk/wolfi/qemu-user-binfmtpkg:apk/wolfi/qemu-utilspkg:rpm/almalinux/qemu-guest-agentpkg:rpm/almalinux/qemu-imgpkg:rpm/almalinux/qemu-kvmpkg:rpm/almalinux/qemu-kvm-audio-papkg:rpm/almalinux/qemu-kvm-block-blkiopkg:rpm/almalinux/qemu-kvm-block-curlpkg:rpm/almalinux/qemu-kvm-block-rbdpkg:rpm/almalinux/qemu-kvm-commonpkg:rpm/almalinux/qemu-kvm-corepkg:rpm/almalinux/qemu-kvm-device-display-virtio-gpupkg:rpm/almalinux/qemu-kvm-device-display-virtio-gpu-ccwpkg:rpm/almalinux/qemu-kvm-device-display-virtio-gpu-pcipkg:rpm/almalinux/qemu-kvm-device-display-virtio-vgapkg:rpm/almalinux/qemu-kvm-device-usb-hostpkg:rpm/almalinux/qemu-kvm-device-usb-redirectpkg:rpm/almalinux/qemu-kvm-docspkg:rpm/almalinux/qemu-kvm-toolspkg:rpm/almalinux/qemu-kvm-ui-egl-headlesspkg:rpm/almalinux/qemu-kvm-ui-openglpkg:rpm/almalinux/qemu-pr-helper
< 0+ 37 more
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 17:8.0.0-16.el9_3.alma.1
- (no CPE)range: < 17:8.0.0-16.el9_3.alma.1
- (no CPE)range: < 17:8.0.0-16.el9_3.alma.1
- (no CPE)range: < 17:8.0.0-16.el9_3.alma.1
- (no CPE)range: < 17:8.0.0-16.el9_3.alma.1
- (no CPE)range: < 17:8.0.0-16.el9_3.alma.1
- (no CPE)range: < 17:8.0.0-16.el9_3.alma.1
- (no CPE)range: < 17:8.0.0-16.el9_3.alma.1
- (no CPE)range: < 17:8.0.0-16.el9_3.alma.1
- (no CPE)range: < 17:8.0.0-16.el9_3.alma.1
- (no CPE)range: < 17:8.0.0-16.el9_3.alma.1
- (no CPE)range: < 17:8.0.0-16.el9_3.alma.1
- (no CPE)range: < 17:8.0.0-16.el9_3.alma.1
- (no CPE)range: < 17:8.0.0-16.el9_3.alma.1
- (no CPE)range: < 17:8.0.0-16.el9_3.alma.1
- (no CPE)range: < 17:8.0.0-16.el9_3.alma.1
- (no CPE)range: < 17:8.0.0-16.el9_3.alma.1
- (no CPE)range: < 17:8.0.0-16.el9_3.alma.1
- (no CPE)range: < 17:8.0.0-16.el9_3.alma.1
- (no CPE)range: < 17:8.0.0-16.el9_3.alma.1
Patches
Vulnerability mechanics
References
3- access.redhat.com/security/cve/CVE-2023-2680mitrevdb-entryx_refsource_REDHAT
- bugzilla.redhat.com/show_bug.cgimitreissue-trackingx_refsource_REDHAT
- security.netapp.com/advisory/ntap-20231116-0001/mitre
News mentions
0No linked articles in our index yet.