Published: 13 September 2023
This CVE exists because of an incomplete fix for CVE-2021-3750. More specifically, the qemu-kvm package as released for Red Hat Enterprise Linux 9.1 via RHSA-2022:7967 included a version of qemu-kvm that was actually missing the fix for CVE-2021-3750.
This is a Red Hat specific CVE that only applied to their package, and not the qemu package in any other distro, including Ubuntu
Severity score breakdown