QwikSec

Security Database

CVE

CWE

Training

CVE-2023-2700

Published: May 15, 2023

Modified: Jan 28, 2025

PUBLISHED

Description

A vulnerability was found in libvirt. This security flaw ouccers due to repeatedly querying an SR-IOV PCI device's capabilities that exposes a memory leak caused by a failure to free the virPCIVirtualFunction array within the parent struct's g_autoptr cleanup.

Vendor	Product	Versions
n/a	libvirt	affected `libvirt-4.5.0`

References

https://access.redhat.com/security/cve/CVE-2023-2700

https://bugzilla.redhat.com/show_bug.cgi?id=2203653

https://gitlab.com/libvirt/libvirt/-/commit/6425a311b8ad19d6f9c0b315bf1d722551ea3585#874a1e768ade6ceb4538931cbc06248e73223306

https://security.netapp.com/advisory/ntap-20230706-0001/

FEDORA-2024-2d35e47af3

vendor-advisory

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.