VYPR
← All advisories
Medium severity6.0NVD Advisory· Published Jul 24, 2023· Updated May 12, 2026

CVE-2023-3019

CVE-2023-3019

Description

A DMA reentrancy issue leading to a use-after-free error was found in the e1000e NIC emulation code in QEMU. This issue could allow a privileged guest user to crash the QEMU process on the host, resulting in a denial of service.

Affected products

11
  • QEMU/Qemu
    cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*
    Range: <8.2.0
  • Red Hat/Enterprise Linux3 versions
    cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:-:*:*:*+ 2 more
    • cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:-:*:*:*
    • cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:advanced_virtualization:*:*:*
    • cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*
  • Red Hat/Red Hat Enterprise Linux 8 Advanced Virtualizationv5
    cpe:/a:redhat:advanced_virtualization:8::el8
  • Red Hat/Red Hat Enterprise Linux 8v5
    cpe:/a:redhat:enterprise_linux:8::crb
    Range: 8090020231206155326.a75119d5
  • Red Hat/Red Hat Enterprise Linux 9v5
    cpe:/a:redhat:enterprise_linux:9::appstream
    Range: 17:8.2.0-11.el9_4
  • Red Hat/Red Hat Enterprise Linux 8.6 Extended Update Supportv5
    cpe:/a:redhat:rhel_eus:8.6::appstream
    Range: 8060020231128234847.ad008a3a
  • Red Hat/Red Hat Enterprise Linux 8.8 Extended Update Supportv5
    cpe:/a:redhat:rhel_eus:8.8::appstream
    Range: 8080020240116113044.63b34585
  • Red Hat/Red Hat Enterprise Linux 6v5
    cpe:/o:redhat:enterprise_linux:6
  • Red Hat/Red Hat Enterprise Linux 7v5
    cpe:/o:redhat:enterprise_linux:7

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

9

News mentions

1