CVE-2023-2700
Summary
| CVE | CVE-2023-2700 |
|---|
| State | PUBLIC |
|---|
| Assigner | [email protected] |
|---|
| Source Priority | CVE Program / NVD first with legacy fallback |
|---|
| Published | 2023-05-15 22:15:00 UTC |
|---|
| Updated | 2023-07-06 19:15:00 UTC |
|---|
| Description | A vulnerability was found in libvirt. This security flaw ouccers due to repeatedly querying an SR-IOV PCI device's capabilities that exposes a memory leak caused by a failure to free the virPCIVirtualFunction array within the parent struct's g_autoptr cleanup. |
|---|
NVD Known Affected Configurations (CPE 2.3)
References
| Reference | Source | Link | Tags |
|---|
| virpci: Resolve leak in virPCIVirtualFunctionList cleanup (6425a311) · Commits · libvirt / libvirt · GitLab |
MISC |
gitlab.com |
|
| cve-details |
MISC |
access.redhat.com |
|
| 403 Forbidden |
CONFIRM |
security.netapp.com |
|
| 2203653 – (CVE-2023-2700) CVE-2023-2700 libvirt: Memory leak in virPCIVirtualFunctionList cleanup |
MISC |
bugzilla.redhat.com |
|
| CVE Program record |
CVE.ORG |
www.cve.org |
canonical |
| NVD vulnerability detail |
NVD |
nvd.nist.gov |
canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 160750 Oracle Enterprise Linux Security Update for libvirt (ELSA-2023-3715)
- 160774 Oracle Enterprise Linux Security Update for virt:ol and virt-devel:rhel (ELSA-2023-3822)
- 160960 Oracle Enterprise Linux Security Update for kvm_utils3 (ELSA-2023-12855)
- 161005 Oracle Enterprise Linux Security Update for kvm_utils2 (ELSA-2023-12924)
- 183847 Debian Security Update for libvirt (CVE-2023-2700)
- 199383 Ubuntu Security Notification for libvirt Vulnerabilities (USN-6126-1)
- 241738 Red Hat Update for libvirt (RHSA-2023:3715)
- 241756 Red Hat Update for virt:rhel and virt-devel:rhel (RHSA-2023:3822)
- 284910 Fedora Security Update for libvirt (FEDORA-2024-2d35e47af3)
- 906991 Common Base Linux Mariner (CBL-Mariner) Security Update for libvirt (26736-1)
- 941147 AlmaLinux Security Update for libvirt (ALSA-2023:3715)
- 941177 AlmaLinux Security Update for virt:rhel and virt-devel:rhel (ALSA-2023:3822)
