cve 2023 3301

About this tag
CVE-2023-3301 is a QEMU vulnerability that allows a malicious guest to trigger a denial-of-service condition on the host. The issue arises during a hot-unplug operation, where a race condition between asynchronous device teardown steps can cause an assertion failure. This drops the QEMU process, impacting all virtual machines on that host. The vulnerability is rated high severity and affects virtualization environments using QEMU. Discussions on WindowsForum cover the technical details, affected versions, and mitigation strategies for administrators managing QEMU-based virtualization hosts.
  1. CVE-2023-3301: QEMU Hot-Unplug Race Triggers VM DoS

    CVE‑2023‑3301 is a QEMU vulnerability that lets a malicious guest reliably trigger an assertion during a hot‑unplug operation — a race between asynchronous device teardown steps — and in practice can drop the hosting QEMU process, producing a high‑impact denial‑of‑service for affected...