CVE-2023-40360

EUVD-2023-44931
QEMU through 8.0.4 accesses a NULL pointer in nvme_directive_receive in hw/nvme/ctrl.c because there is no check for whether an endurance group is configured before checking whether Flexible Data Placement is enabled.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.5 MEDIUM
LOCAL
LOW
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 12%
Affected Products (NVD)
VendorProductVersion
qemuqemu
8.0.0 ≤
𝑥
≤ 8.0.4
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
qemu
bookworm
1:7.2+dfsg-7+deb12u7
not-affected
bullseye
1:5.2+dfsg-11+deb11u3
not-affected
bullseye (security)
1:5.2+dfsg-11+deb11u2
fixed
buster
not-affected
sid
1:9.2.0+ds-3
fixed
trixie
1:9.2.0+ds-2
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
qemu
bionic
not-affected
focal
not-affected
jammy
not-affected
lunar
not-affected
mantic
Fixed 1:8.0.4+dfsg-1ubuntu3.23.10.2
released
noble
Fixed 1:8.1.3+ds-1ubuntu1
released
oracular
Fixed 1:8.1.3+ds-1ubuntu1
released
trusty
not-affected
xenial
not-affected
Common Weakness Enumeration
References
https://gitlab.com/birkelund/qemu/-/commit/6c8f8456cb0b239812dee5211881426496da7b98
https://gitlab.com/qemu-project/qemu/-/issues/1815
https://security.netapp.com/advisory/ntap-20230915-0004/
https://www.qemu.org/docs/master/system/security.html
https://gitlab.com/birkelund/qemu/-/commit/6c8f8456cb0b239812dee5211881426496da7b98
https://gitlab.com/qemu-project/qemu/-/issues/1815
https://security.netapp.com/advisory/ntap-20230915-0004/
https://www.qemu.org/docs/master/system/security.html