USN-6954-1

Advisory lineage Upstream: 6 Downstream: 0

Upstream

CVE-2023-6683 CVE-2023-6693 CVE-2024-24474 UBUNTU-CVE-2023-6683 UBUNTU-CVE-2023-6693 UBUNTU-CVE-2024-24474

Published: 13 Aug 2024, 06:44

Last modified:04 Feb 2026, 03:09

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

13 Aug 2024, 06:44

Published

Vulnerability first disclosed

04 Feb 2026, 03:09

Last Modified

Vulnerability information updated

Description

qemu vulnerabilities Markus Frank and Fiona Ebner discovered that QEMU did not properly handle certain memory operations, leading to a NULL pointer dereference. An authenticated user could potentially use this issue to cause a denial of service. (CVE-2023-6683) Xiao Lei discovered that QEMU did not properly handle certain memory operations when specific features were enabled, which could lead to a stack overflow. An attacker could potentially use this issue to leak sensitive information. (CVE-2023-6693) It was discovered that QEMU had an integer underflow vulnerability in the TI command, which would result in a buffer overflow. An attacker could potentially use this issue to cause a denial of service. (CVE-2024-24474)

Affected Systems

ubuntu•qemu
< 1:6.2+dfsg-2ubuntu6.22

USN-6954-1

Vulnerability Summary

Timeline

Description

Affected Systems

References (4)