CVE-2023-3301

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Sep 13, 2023

Updated: Nov 7, 2023

CWE ID 120

Summary

CVE-2023-3301: A race condition vulnerability was discovered in QEMU, an open-source virtual machine emulator. This issue arises from the asynchronous nature of hot-unplugging, which allows a net device backend to be cleared before the virtio-net PCI frontend has been properly unplugged. A malicious guest operating system could exploit this time window to trigger an assertion and induce a denial-of-service condition.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Zyxel Atp100 Firmware
Zyxel Atp200 Firmware
Zyxel Atp500 Firmware
Zyxel Atp800 Firmware
Zyxel Usg Flex 500 Firmware

Affected Vendors

ZyXEL

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/rWje_o
https://www.cve.org/CVERecord?id=CVE-2023-3301
https://nvd.nist.gov/vuln/detail/CVE-2023-3301

Back to Vulnerability Database