[Git][security-tracker-team/security-tracker][master] Add CVE-2023-3180/qemu

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
193919a1 by Salvatore Bonaccorso at 2023-08-04T06:22:10+02:00
Add CVE-2023-3180/qemu

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -63,7 +63,9 @@ CVE-2023-3346 (Buffer Copy without Checking Size of Input ('Classic Buffer Overf
 CVE-2023-3329 (SpiderControl SCADA Webserver versions 2.08 and prior are vulnerable t ...)
 	TODO: check
 CVE-2023-3180 (A flaw was found in the QEMU virtual crypto device while handling data ...)
-	TODO: check
+	- qemu <unfixed>
+	NOTE: Introduced by: https://gitlab.com/qemu-project/qemu/-/commit/04b9b37edda85964cca033a48dcc0298036782f2 (v2.8.0-rc0)
+	NOTE: Proposed patch: https://lists.nongnu.org/archive/html/qemu-devel/2023-08/msg00401.html
 CVE-2023-39144 (Element55 KnowMore appliances version 21 and older was discovered to s ...)
 	TODO: check
 CVE-2023-39121 (emlog v2.1.9 was discovered to contain a SQL injection vulnerability v ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/193919a1edf13615b03597d300caa1c3bd5283ee

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/193919a1edf13615b03597d300caa1c3bd5283ee
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230804/29543a92/attachment-0001.htm>