发布于3月6日3月6日 Members Ubuntu: USN-6167-1 (CVE-2023-0330): QEMU vulnerabilities Severity 4 CVSS (AV:L/AC:L/Au:M/C:N/I:N/A:C) Published 03/06/2023 Created 06/21/2023 Added 06/20/2023 Modified 01/28/2025 Description A vulnerability in the lsi53c895a device affects the latest version of qemu. A DMA-MMIO reentrancy problem may lead to memory corruption bugs like stack overflow or use-after-free. Solution(s) ubuntu-pro-upgrade-qemu ubuntu-pro-upgrade-qemu-common ubuntu-pro-upgrade-qemu-guest-agent ubuntu-pro-upgrade-qemu-kvm ubuntu-pro-upgrade-qemu-system ubuntu-pro-upgrade-qemu-system-aarch64 ubuntu-pro-upgrade-qemu-system-arm ubuntu-pro-upgrade-qemu-system-common ubuntu-pro-upgrade-qemu-system-data ubuntu-pro-upgrade-qemu-system-gui ubuntu-pro-upgrade-qemu-system-mips ubuntu-pro-upgrade-qemu-system-misc ubuntu-pro-upgrade-qemu-system-ppc ubuntu-pro-upgrade-qemu-system-s390x ubuntu-pro-upgrade-qemu-system-sparc ubuntu-pro-upgrade-qemu-system-x86 ubuntu-pro-upgrade-qemu-system-x86-microvm ubuntu-pro-upgrade-qemu-system-x86-xen ubuntu-pro-upgrade-qemu-system-xen References https://attackerkb.com/topics/cve-2023-0330 CVE - 2023-0330 USN-6167-1
