Bug 2203387 (CVE-2023-2680) - CVE-2023-2680 QEMU: hcd-ehci: DMA reentrancy issue (incomplete fix for CVE-2021-3750)
Keywords:
Status: NEW
Alias: CVE-2023-2680
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Priority: medium
Severity: medium
Target Milestone: ---
Assignee: Nobody
QA Contact:
URL:
Whiteboard:
Depends On: 2203388
Blocks: 2203420
Reported: 2023-05-12 11:31 UTC by Mauro Matteo Cascella
Modified: 2023-11-07 08:14 UTC (History)

Fixed In Version:
Doc Type: ---
Doc Text:
This CVE exists because of an incomplete fix for CVE-2021-3750. More specifically, the qemu-kvm package as released for Red Hat Enterprise Linux 9.1 via RHSA-2022:7967 included a version of qemu-kvm that was actually missing the fix for CVE-2021-3750.
Clone Of:
Environment:
Last Closed:
Embargoed:




Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2023:6368 0 None None None 2023-11-07 08:14:31 UTC

Description Mauro Matteo Cascella 2023-05-12 11:31:13 UTC
The QEMU flaw CVE-2021-3750 (bug 1999073) was declared fixed in Red Hat Enterprise Linux 9.1 via erratum RHSA-2022:7967, released on Nov 15, 2022:

https://access.redhat.com/errata/RHSA-2022:7967

However, the erratum included a version of qemu-kvm that was actually missing the fix for CVE-2021-3750. CVE-2023-2680 was assigned to this incomplete fix, and it is specific to the qemu-kvm packages produced by Red Hat. This issue and CVE ID are not applicable to any upstream QEMU version or QEMU packages of any other vendor that are not directly based on Red Hat Enterprise Linux packages.

For more information about the original flaw, refer to the CVE page or bug linked above.

Comment 3 errata-xmlrpc 2023-11-07 08:14:29 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2023:6368 https://access.redhat.com/errata/RHSA-2023:6368

