CVE-2023-40360

MEDIUM

Qemu < 8.0.4 - NULL Pointer Dereference

Title source: rule

Description

QEMU through 8.0.4 accesses a NULL pointer in nvme_directive_receive in hw/nvme/ctrl.c because there is no check for whether an endurance group is configured before checking whether Flexible Data Placement is enabled.

References (4)

[Patch] https://gitlab.com/birkelund/qemu/-/commit/6c8f8456cb0b239812dee5211881426496da7b98

View Patch ZIP pw:eip

[Exploit, Issue Tracking, Vendor Advisory] https://gitlab.com/qemu-project/qemu/-/issues/1815

[Third Party Advisory] https://security.netapp.com/advisory/ntap-20230915-0004/

[Vendor Advisory] https://www.qemu.org/docs/master/system/security.html

Scores

CVSS v3 5.5

EPSS 0.0004

EPSS Percentile 12.2%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Classification

CWE

CWE-476

Status published

Affected Products (1)

qemu/qemu < 8.0.4

Timeline

Published Aug 14, 2023

Tracked Since Feb 18, 2026