Your submission was sent successfully! Close

CVE-2022-1050

Published: 29 March 2022

A flaw was found in the QEMU implementation of VMWare's paravirtual RDMA device. This flaw allows a crafted guest driver to execute HW commands when shared buffers are not yet allocated, potentially leading to a use-after-free condition.

Priority

Low

CVSS 3 base score: 8.8

Status

Package Release Status
qemu
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(code not present)
focal Deferred
(2022-06-09)
impish Deferred
(2022-06-09)
jammy Deferred
(2022-06-09)
trusty Not vulnerable
(code not present)
upstream Needs triage

xenial Not vulnerable
(code not present)