{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-14T17:46:09.803","vulnerabilities":[{"cve":{"id":"CVE-2022-4172","sourceIdentifier":"secalert@redhat.com","published":"2022-11-29T18:15:10.623","lastModified":"2025-04-14T18:15:25.480","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An integer overflow and buffer overflow issues were found in the ACPI Error Record Serialization Table (ERST) device of QEMU in the read_erst_record() and write_erst_record() functions. Both issues may allow the guest to overrun the host buffer allocated for the ERST memory device. A malicious guest could use these flaws to crash the QEMU process on the host."},{"lang":"es","value":"Se encontraron problemas de desbordamiento de enteros y desbordamiento de búfer en el dispositivo ACPI Error Record Serialization Table (ERST) de QEMU en las funciones read_erst_record() y write_erst_record(). Ambos problemas pueden permitir que el huésped sobrecargue el búfer del host asignado para el dispositivo de memoria ERST. Un invitado malintencionado podría utilizar estos fallos para bloquear el proceso QEMU en el host."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.0,"impactScore":4.0},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.0,"impactScore":4.0}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-120"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:qemu:qemu:7.0.0:-:*:*:*:*:*:*","matchCriteriaId":"8F114FE7-3E39-4CEA-8CA7-E82E04B2BC51"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*","matchCriteriaId":"E30D0E6F-4AE8-4284-8716-991DFA48CC5D"}]}]}],"references":[{"url":"https://gitlab.com/qemu-project/qemu/-/commit/defb7098","source":"secalert@redhat.com","tags":["Patch","Third Party Advisory"]},{"url":"https://gitlab.com/qemu-project/qemu/-/issues/1268","source":"secalert@redhat.com","tags":["Exploit","Issue Tracking","Third Party Advisory"]},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I7J5IRXJYLELW7D43A75LOWRUE5EU54O/","source":"secalert@redhat.com"},{"url":"https://lore.kernel.org/qemu-devel/20221024154233.1043347-1-lk%40c--e.de/","source":"secalert@redhat.com"},{"url":"https://security.netapp.com/advisory/ntap-20230127-0013/","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://gitlab.com/qemu-project/qemu/-/commit/defb7098","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Third Party Advisory"]},{"url":"https://gitlab.com/qemu-project/qemu/-/issues/1268","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Issue Tracking","Third Party Advisory"]},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I7J5IRXJYLELW7D43A75LOWRUE5EU54O/","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://lore.kernel.org/qemu-devel/20221024154233.1043347-1-lk%40c--e.de/","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://security.netapp.com/advisory/ntap-20230127-0013/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}}]}