Main Vulnerability Database SB2023112404

SB2023112404 - Red Hat Enterprise Linux 8 update for the virt:rhel and virt-devel:rhel modules

Published: November 24, 2023

Security Bulletin ID SB2023112404

Severity

High

Patch available

YES

Number of vulnerabilities 2

Exploitation vector Remote access

Highest impact Code execution

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 2 secuirty vulnerabilities.

1) Use-after-free (CVE-ID: CVE-2021-3750)

The vulnerability allows a remote user to compromise vulnerable system.

The vulnerability exists due to a use-after-free error in the USB EHCI controller emulation of QEMU. A remote guest can trigger a use-after-free error and execute arbitrary code on the host OS.

2) Reachable Assertion (CVE-ID: CVE-2023-3301)

The vulnerability allows a remote user to perform a denial of service (DoS) attack.

The vulnerability exists due to a reachable assertion. When a peer nic is still attached to the vdpa backend, it is too early to free up the vhost-net and vdpa structures. If these structures are freed here, then QEMU crashes when the guest is being shut down.

Remediation

Install update from vendor's website.

References

https://access.redhat.com/errata/RHSA-2023:6980