CVE-2023-1544

CVE-2023-1544

Name

CVE-2023-1544

Description

A flaw was found in the QEMU implementation of VMWare's paravirtual RDMA device. This flaw allows a crafted guest driver to allocate and initialize a huge number of page tables to be used as a ring of descriptors for CQ and async events, potentially leading to an out-of-bounds read and crash of QEMU.

NVD Severity

unknown

Other trackers

CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia

Mailing lists

oss-security, full-disclosure, bugtraq

Exploits

Exploit DB, Metasploit

Forges

GitHub (code, issues), Aports (code, issues)

Type	URI
MISC	https://lists.nongnu.org/archive/html/qemu-devel/2023-03/msg00206.html
MISC	https://bugzilla.redhat.com/show_bug.cgi?id=2180364
CONFIRM	https://security.netapp.com/advisory/ntap-20230511-0005/
vdb-entry	https://access.redhat.com/security/cve/CVE-2023-1544
af854a3a-2127-422b-91ae-364da2661108	https://lists.debian.org/debian-lts-announce/2025/04/msg00042.html

Type

URI

MISC

https://lists.nongnu.org/archive/html/qemu-devel/2023-03/msg00206.html

MISC

https://bugzilla.redhat.com/show_bug.cgi?id=2180364

CONFIRM

https://security.netapp.com/advisory/ntap-20230511-0005/

vdb-entry

https://access.redhat.com/security/cve/CVE-2023-1544

af854a3a-2127-422b-91ae-364da2661108

https://lists.debian.org/debian-lts-announce/2025/04/msg00042.html