CVE-2023-5088
03.11.2023, 14:15
A bug in QEMU could cause a guest I/O operation otherwise addressed to an arbitrary disk offset to be targeted to offset 0 instead (potentially overwriting the VM's boot code). This could be used, for example, by L2 guests with a virtual disk (vdiskL2) stored on a virtual disk of an L1 (vdiskL1) hypervisor to read and/or write data to LBA 0 of vdiskL1, potentially gaining control of L1 at its next reboot.
Vendor | Product | Version |
---|---|---|
qemu | qemu | 𝑥 < 8.2.0 |
redhat | enterprise_linux | 8.0 |
redhat | enterprise_linux | 9.0 |
𝑥 = Vulnerable software versions

Common Weakness Enumeration
- CWE-821 - Incorrect Synchronization: The software utilizes a shared resource in a concurrent manner, but it does not correctly synchronize access to the resource.
- CWE-662 - Improper Synchronization: The software utilizes multiple threads or processes to allow temporary access to a shared resource that can only be exclusive to one process at a time, but it does not properly synchronize these actions, which might cause simultaneous accesses of this resource by multiple threads or processes.