CVE Identifier: CVE-2022-0216 Bug ID: 2036953 Product: Security Response Component: vulnerability Priority: Low Severity: Low Status: CLOSED NOTABUG Reported: 2022-01-04 13:59 UTC by Pedro Sampaio Modified: 2024-03-29 09:18 UTC Last Closed: 2022-04-01 12:25:19 UTC Description: A use after free issue was found in the specifically in function. The function is used to receive a message from the OS and perform actions based on that message. The issue occurs when one message has only a one-byte size. QEMU Tracking Bugs: - Affects: epel-7 [bug-2070900] - Affects: fedora-all [bug-2070902] Xen Tracking Bugs: fedora-all [bug-2070099] STAR Labs Security Advisory: https://starlabs.sg/advisories/22/22-0216 Upstream Issue: https://gitlab.com/qemu-project/qemu/-/issues/972 Upstream Commit: https://gitlab.com/qemu-project/qemu/-/commit/4367a20cc4