CVE-2024-3446

Published: Apr 9, 2024Modified: May 2, 2025

8.2

Vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Exploitability: 1.5 / Impact: 6.0

Source: secalert@redhat.com (Secondary)

Description

A double free vulnerability was found in QEMU virtio devices (virtio-gpu, virtio-serial-bus, virtio-crypto), where the mem_reentrancy_guard flag insufficiently protects against DMA reentrancy issues. This issue could allow a malicious privileged guest user to crash the QEMU process on the host, resulting in a denial of service or allow arbitrary code execution within the context of the QEMU process on the host.

Related CWEs

The product calls free() twice on the same memory address, potentially leading to modification of unexpected memory locations.

References (8)

https://access.redhat.com/errata/RHSA-2024:6964

Source: secalert@redhat.com

https://access.redhat.com/security/cve/CVE-2024-3446

Source: secalert@redhat.com

https://bugzilla.redhat.com/show_bug.cgi?id=2274211

Source: secalert@redhat.com

https://patchew.org/QEMU/20240409105537.18308-1-philmd@linaro.org/

Source: secalert@redhat.com

https://access.redhat.com/security/cve/CVE-2024-3446

Source: af854a3a-2127-422b-91ae-364da2661108

https://bugzilla.redhat.com/show_bug.cgi?id=2274211

Source: af854a3a-2127-422b-91ae-364da2661108

https://patchew.org/QEMU/20240409105537.18308-1-philmd@linaro.org/

Source: af854a3a-2127-422b-91ae-364da2661108

https://security.netapp.com/advisory/ntap-20250502-0007/

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.