CVE-2023-2680 Information

Description

This CVE exists because of an incomplete fix for CVE-2021-3750. More specifically the qemu-kvm package as released for Red Hat Enterprise Linux 9.1 via RHSA-2022:7967 included a version of qemu-kvm that was actually missing the fix for CVE-2021-3750.

Reference

https://bugzilla.redhat.com/show_bug.cgi?id=2203387 https://access.redhat.com/security/cve/CVE-2023-2680