You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
cve 2023 1544
About this tag
CVE-2023-1544 is a security vulnerability in QEMU's paravirtual RDMA (pvrdma) implementation. A guest can trigger an out-of-bounds read in the pvrdma_ring_next_elem_read() function due to a boundary-checking bug, causing the QEMU process to crash. This results in a host-side denial-of-service condition, which is a critical availability concern for operators and cloud providers. The vulnerability was disclosed in March 2023 and affects systems using QEMU with pvrdma devices. Administrators should apply patches or mitigations to prevent guest-triggered host crashes.
A subtle boundary-checking bug in QEMU’s paravirtual RDMA implementation — tracked as CVE-2023-1544 — can be triggered by a guest to cause an out-of-bounds read in pvrdma_ring_next_elem_read(), crashing the qemu process and producing a host-side denial-of-service that operators and cloud...