Remote Code Execution Vulnerability in QEMU's of_dpa_cmd_add_l2_flood Hardware Emulation

Remote Code Execution Vulnerability in QEMU's of_dpa_cmd_add_l2_flood Hardware Emulation

CVE-2022-36648 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

The hardware emulation in the of_dpa_cmd_add_l2_flood of rocker device model in QEMU, as used in 7.0.0 and earlier, allows remote attackers to crash the host qemu and potentially execute code on the host via execute a malformed program in the guest OS. Note: This has been disputed by multiple third parties as not a valid vulnerability due to the rocker device not falling within the virtualization use case.

Learn more about our Web Application Penetration Testing UK.