{"dataType": "CVE_RECORD", "dataVersion": "5.0", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2022-4172", "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "dateUpdated": "2023-01-27T00:00:00", "dateReserved": "2022-11-28T00:00:00", "datePublished": "2022-11-29T00:00:00"}, "containers": {"cna": {"providerMetadata": {"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat", "dateUpdated": "2023-01-27T00:00:00"}, "descriptions": [{"lang": "en", "value": "An integer overflow and buffer overflow issues were found in the ACPI Error Record Serialization Table (ERST) device of QEMU in the read_erst_record() and write_erst_record() functions. Both issues may allow the guest to overrun the host buffer allocated for the ERST memory device. A malicious guest could use these flaws to crash the QEMU process on the host."}], "affected": [{"vendor": "n/a", "product": "QEMU (ACPI ERST)", "versions": [{"version": "Affected: 7.0.0, Fixed: 7.2.0-rc0", "status": "affected"}]}], "references": [{"url": "https://lore.kernel.org/qemu-devel/20221024154233.1043347-1-lk%40c--e.de/"}, {"url": "https://gitlab.com/qemu-project/qemu/-/issues/1268"}, {"url": "https://gitlab.com/qemu-project/qemu/-/commit/defb7098"}, {"name": "FEDORA-2022-22b1f8dae2", "tags": ["vendor-advisory"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I7J5IRXJYLELW7D43A75LOWRUE5EU54O/"}, {"url": "https://security.netapp.com/advisory/ntap-20230127-0013/"}], "problemTypes": [{"descriptions": [{"type": "CWE", "lang": "en", "description": "CWE-120, CWE-190", "cweId": "CWE-120"}]}]}}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:qemu:qemu:7.0.0:-:*:*:*:*:*:*", "matchCriteriaId": "8F114FE7-3E39-4CEA-8CA7-E82E04B2BC51", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*", "matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "An integer overflow and buffer overflow issues were found in the ACPI Error Record Serialization Table (ERST) device of QEMU in the read_erst_record() and write_erst_record() functions. Both issues may allow the guest to overrun the host buffer allocated for the ERST memory device. A malicious guest could use these flaws to crash the QEMU process on the host."}, {"lang": "es", "value": "Se encontraron problemas de desbordamiento de enteros y desbordamiento de b\u00fafer en el dispositivo ACPI Error Record Serialization Table (ERST) de QEMU en las funciones read_erst_record() y write_erst_record(). Ambos problemas pueden permitir que el hu\u00e9sped sobrecargue el b\u00fafer del host asignado para el dispositivo de memoria ERST. Un invitado malintencionado podr\u00eda utilizar estos fallos para bloquear el proceso QEMU en el host."}], "id": "CVE-2022-4172", "lastModified": "2023-11-07T03:57:08.283", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 2.0, "impactScore": 4.0, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-11-29T18:15:10.623", "references": [{"source": "secalert@redhat.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://gitlab.com/qemu-project/qemu/-/commit/defb7098"}, {"source": "secalert@redhat.com", "tags": ["Exploit", "Issue Tracking", "Third Party Advisory"], "url": "https://gitlab.com/qemu-project/qemu/-/issues/1268"}, {"source": "secalert@redhat.com", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I7J5IRXJYLELW7D43A75LOWRUE5EU54O/"}, {"source": "secalert@redhat.com", "url": "https://lore.kernel.org/qemu-devel/20221024154233.1043347-1-lk%40c--e.de/"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "https://security.netapp.com/advisory/ntap-20230127-0013/"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-120"}], "source": "secalert@redhat.com", "type": "Primary"}]}

{}