vulnerability
Oracle Linux: CVE-2023-2680: ELSA-2023-6368: qemu-kvm security, bug fix, and enhancement update (MODERATE)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 6 | (AV:L/AC:M/Au:M/C:C/I:C/A:C) | May 12, 2023 | Nov 16, 2023 | Dec 3, 2025 |
Severity
6
CVSS
(AV:L/AC:M/Au:M/C:C/I:C/A:C)
Published
May 12, 2023
Added
Nov 16, 2023
Modified
Dec 3, 2025
Description
This CVE exists because of an incomplete fix for CVE-2021-3750. More specifically, the qemu-kvm package as released for Red Hat Enterprise Linux 9.1 via RHSA-2022:7967 included a version of qemu-kvm that was actually missing the fix for CVE-2021-3750.
Solutions
oracle-linux-upgrade-qemu-guest-agentoracle-linux-upgrade-qemu-imgoracle-linux-upgrade-qemu-kvmoracle-linux-upgrade-qemu-kvm-audio-paoracle-linux-upgrade-qemu-kvm-block-blkiooracle-linux-upgrade-qemu-kvm-block-curloracle-linux-upgrade-qemu-kvm-block-rbdoracle-linux-upgrade-qemu-kvm-commonoracle-linux-upgrade-qemu-kvm-coreoracle-linux-upgrade-qemu-kvm-device-display-virtio-gpuoracle-linux-upgrade-qemu-kvm-device-display-virtio-gpu-pcioracle-linux-upgrade-qemu-kvm-device-display-virtio-vgaoracle-linux-upgrade-qemu-kvm-device-usb-hostoracle-linux-upgrade-qemu-kvm-device-usb-redirectoracle-linux-upgrade-qemu-kvm-docsoracle-linux-upgrade-qemu-kvm-toolsoracle-linux-upgrade-qemu-kvm-ui-egl-headlessoracle-linux-upgrade-qemu-kvm-ui-opengloracle-linux-upgrade-qemu-pr-helper
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.