CVE Vulnerabilities

CVE-2022-36648

NULL Pointer Dereference

Published: Aug 22, 2023 | Modified: May 17, 2024
CVSS 3.x
10
CRITICAL
Source:
NVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
CVSS 2.x
RedHat/V2
RedHat/V3
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
Ubuntu
MEDIUM

The hardware emulation in the of_dpa_cmd_add_l2_flood of rocker device model in QEMU, as used in 7.0.0 and earlier, allows remote attackers to crash the host qemu and potentially execute code on the host via execute a malformed program in the guest OS. Note: This has been disputed by multiple third parties as not a valid vulnerability due to the rocker device not falling within the virtualization use case.

Weakness

A NULL pointer dereference occurs when the application dereferences a pointer that it expects to be valid, but is NULL, typically causing a crash or exit.

Affected Software

Name Vendor Start Version End Version
Qemu Qemu * 7.0.0 (including)
Qemu Ubuntu bionic *
Qemu Ubuntu lunar *
Qemu Ubuntu trusty *
Qemu Ubuntu xenial *

Potential Mitigations

References