CVE-2023-21264

MEDIUM Year: 2023
CVSS v3 Score
6.7
Medium
Weakness Type
CWE-119
View all →

Vulnerability Description

In multiple functions of mem_protect.c, there is a possible way to access hypervisor memory due to a memory access check in the wrong place. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

Related Vulnerabilities

CVE-2016-4439

MEDIUM
CVSS:6.7(Medium)

The esp_reg_write function in hw/scsi/esp.c in the 53C9X Fast SCSI Controller (FSC) support in QEMU does not properly check command buffer length, which allows local guest OS administrators to cause a...

CWE-1192016

CVE-2016-8774

MEDIUM
CVSS:6.7(Medium)

The HIFI driver in Huawei Mate 8 phones with software versions before NXT-AL10C00B386, versions before NXT-CL00C92B386, versions before NXT-DL00C17B386, versions before NXT-TL00C01B386; Mate S phones ...

CWE-1192016

CVE-2016-8775

MEDIUM
CVSS:6.7(Medium)

Touch Panel (TP) driver in Huawei NEM phones with software Versions before NEM-AL10C00B130, Versions before NEM-UL10C17B160, Versions before NEM-UL10C00B160, Versions before NEM-TL00C01B160 allows att...

CWE-1192016

CVE-2018-0342

MEDIUM
CVSS:6.7(Medium)

A vulnerability in the configuration and monitoring service of the Cisco SD-WAN Solution could allow an authenticated, local attacker to execute arbitrary code with root privileges or cause a denial o...

CWE-1192018

CVE-2018-1068

MEDIUM
CVSS:6.7(Medium)

A flaw was found in the Linux 4.x kernel's implementation of 32-bit syscall interface for bridging. This allowed a privileged user to arbitrarily write to a limited range of kernel memory.

CWE-1192018

CVE-2018-12150

MEDIUM
CVSS:6.7(Medium)

Escalation of privilege in Installer for Intel Extreme Tuning Utility before 6.4.1.21 may allow an authenticated user to potentially execute code or disclose information as administrator via local acc...

CWE-1192018