CVE-2023-2700
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2023-2700
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-2700.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2023-2700
- Downstream
- Related
- Published
- 2023-05-15T22:15:12Z
- Modified
- 2025-11-02T15:10:50.983174Z
- Severity
-
- 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
A vulnerability was found in libvirt. This security flaw ouccers due to repeatedly querying an SR-IOV PCI device's capabilities that exposes a memory leak caused by a failure to free the virPCIVirtualFunction array within the parent struct's g_autoptr cleanup.
- References
-
- https://access.redhat.com/security/cve/CVE-2023-2700
- https://bugzilla.redhat.com/show_bug.cgi?id=2203653
- https://security.netapp.com/advisory/ntap-20230706-0001/
- https://gitlab.com/libvirt/libvirt/-/commit/6425a311b8ad19d6f9c0b315bf1d722551ea3585#874a1e768ade6ceb4538931cbc06248e73223306
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EVK6JKP36CHE7YAFDJNPNLTW4OWJJ7TQ/
Affected packages
Git / github.com/libvirt/libvirt
Git / gitlab.com/libvirt/libvirt
Affected ranges
- Type
- GIT
- Repo
- https://gitlab.com/libvirt/libvirt
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
Other
CVE-2011-1146
CVE-2011-1486
CVE-2011-2178
CVE-2012-3411
CVE-2012-3445
CVE-2012-4423
CVE-2013-0170
CVE-2013-1962
CVE-2013-2218
CVE-2013-2230
CVE-2013-4153
CVE-2013-4154
CVE-2013-4239
CVE-2013-4291
CVE-2013-4292
CVE-2013-4296
CVE-2013-4297
CVE-2013-4311
CVE-2013-4399
CVE-2013-4400-1
CVE-2013-4400-2
CVE-2013-4400-3
CVE-2013-4401
CVE-2013-5651
CVE-2013-6436
CVE-2013-6457
CVE-2013-6458-1
CVE-2013-6458-2
CVE-2013-6458-3
CVE-2013-6458-4
CVE-2013-7336
CVE-2014-0028
CVE-2014-0179
CVE-2014-1447-1
CVE-2014-1447-2
CVE-2014-3633
CVE-2014-3657
CVE-2014-7823
CVE-2014-8131-1
CVE-2014-8131-2
CVE-2014-8135
CVE-2014-8136
CVE-2015-0236-1
CVE-2015-0236-2
CVE-2015-5247-1
CVE-2015-5247-2
CVE-2015-5247-3
CVE-2015-5313
CVE-2016-5008
CVE-2017-1000256
CVE-2017-2635
LIBVIRT_0_0_3
LIBVIRT_0_0_4
LIBVIRT_0_0_5
LIBVIRT_0_1_0
LIBVIRT_0_1_1
LIBVIRT_0_1_10
LIBVIRT_0_1_11
LIBVIRT_0_1_3
LIBVIRT_0_1_4
LIBVIRT_0_1_6
LIBVIRT_0_1_7
LIBVIRT_0_1_8
LIBVIRT_0_1_9
LIBVIRT_0_2_0
LIBVIRT_0_2_1
LIBVIRT_0_2_2
LIBVIRT_0_3_0
LIBVIRT_0_3_1
LIBVIRT_0_3_2
LIBVIRT_0_3_3
LIBVIRT_0_4_1
LIBVIRT_0_4_2
LIBVIRT_0_4_4
LIBVIRT_0_4_6
LIBVIRT_0_5_0
LIBVIRT_0_5_1
LIBVIRT_0_6_0
LIBVIRT_0_6_1
LIBVIRT_0_6_2
LIBVIRT_0_6_3
LIBVIRT_0_6_4
LIBVIRT_0_6_5
LIBVIR_0_0_1
LIBVIR_0_0_2
LIVIRT_0_2_3
v0.*
v0.0.1
v0.0.2
v0.0.3
v0.0.4
v0.0.5
v0.1.0
v0.1.1
v0.1.10
v0.1.11
v0.1.3
v0.1.4
v0.1.6
v0.1.7
v0.1.8
v0.1.9
v0.10.0
v0.10.0-rc0
v0.10.0-rc1
v0.10.0-rc2
v0.10.1
v0.10.2
v0.10.2-rc1
v0.10.2-rc2
v0.2.0
v0.2.1
v0.2.2
v0.2.3
v0.3.0
v0.3.1
v0.3.2
v0.3.3
v0.4.1
v0.4.2
v0.4.4
v0.4.6
v0.5.0
v0.5.1
v0.6.0
v0.6.1
v0.6.2
v0.6.3
v0.6.4
v0.6.5
v0.7.0
v0.7.1
v0.7.2
v0.7.3
v0.7.4
v0.7.5
v0.7.6
v0.7.7
v0.8.0
v0.8.1
v0.8.2
v0.8.3
v0.8.4
v0.8.5
v0.8.6
v0.8.7
v0.8.8
v0.9.0
v0.9.1
v0.9.10
v0.9.10-rc1
v0.9.10-rc2
v0.9.11
v0.9.11-rc1
v0.9.11-rc2
v0.9.12
v0.9.12-rc1
v0.9.12-rc2
v0.9.13
v0.9.13-rc1
v0.9.13-rc2
v0.9.2
v0.9.3
v0.9.3-rc1
v0.9.3-rc2
v0.9.4
v0.9.4-rc1
v0.9.4-rc2
v0.9.5
v0.9.5-rc1
v0.9.5-rc2
v0.9.5-rc3
v0.9.6
v0.9.7
v0.9.7-rc1
v0.9.8
v0.9.8-rc1
v0.9.8-rc2
v0.9.9
v0.9.9-rc1
v0.9.9-rc2
v1.*
v1.0.0
v1.0.0-rc1
v1.0.0-rc2
v1.0.0-rc3
v1.0.1
v1.0.1-rc1
v1.0.1-rc2
v1.0.2
v1.0.2-rc1
v1.0.2-rc2
v1.0.3
v1.0.3-rc1
v1.0.3-rc2
v1.0.4
v1.0.4-rc1
v1.0.4-rc2
v1.0.5
v1.0.5-rc1
v1.0.6
v1.0.6-rc1
v1.0.6-rc2
v1.1.0
v1.1.0-rc1
v1.1.0-rc2
v1.1.1
v1.1.1-rc1
v1.1.1-rc2
v1.1.2
v1.1.2-rc1
v1.1.2-rc2
v1.1.3
v1.1.3-rc1
v1.1.3-rc2
v1.1.4
v1.1.4-rc1
v1.1.4-rc2
v1.2.0
v1.2.0-rc1
v1.2.0-rc2
v1.2.1
v1.2.1-rc1
v1.2.1-rc2
v1.2.10
v1.2.10-rc1
v1.2.10-rc2
v1.2.11
v1.2.11-rc1
v1.2.11-rc2
v1.2.12
v1.2.12-rc1
v1.2.12-rc2
v1.2.13
v1.2.13-rc1
v1.2.13-rc2
v1.2.14
v1.2.14-rc1
v1.2.14-rc2
v1.2.15
v1.2.15-rc1
v1.2.15-rc2
v1.2.16
v1.2.16-rc1
v1.2.16-rc2
v1.2.17
v1.2.17-rc1
v1.2.17-rc2
v1.2.18
v1.2.18-rc1
v1.2.18-rc2
v1.2.19
v1.2.19-rc1
v1.2.19-rc2
v1.2.2
v1.2.2-rc1
v1.2.2-rc2
v1.2.20
v1.2.20-rc1
v1.2.20-rc2
v1.2.21
v1.2.21-rc1
v1.2.21-rc2
v1.2.3
v1.2.3-rc1
v1.2.3-rc2
v1.2.4
v1.2.4-rc1
v1.2.4-rc2
v1.2.5
v1.2.5-rc1
v1.2.5-rc2
v1.2.6
v1.2.6-rc1
v1.2.6-rc2
v1.2.7
v1.2.7-rc1
v1.2.7-rc2
v1.2.8
v1.2.8-rc1
v1.2.8-rc2
v1.2.9
v1.2.9-rc1
v1.2.9-rc2
v1.3.0
v1.3.0-rc1
v1.3.0-rc2
v1.3.1
v1.3.1-rc1
v1.3.1-rc2
v1.3.2
v1.3.2-rc1
v1.3.2-rc2
v1.3.3
v1.3.3-rc1
v1.3.3-rc2
v1.3.4
v1.3.4-rc1
v1.3.4-rc2
v1.3.5
v1.3.5-rc1
v2.*
v2.0.0
v2.0.0-rc1
v2.0.0-rc2
v2.1.0
v2.1.0-rc1
v2.2.0
v2.2.0-rc1
v2.2.0-rc2
v2.3.0
v2.3.0-rc1
v2.3.0-rc2
v2.4.0
v2.4.0-rc1
v2.4.0-rc2
v2.5.0
v2.5.0-rc1
v2.5.0-rc2
v3.*
v3.0.0
v3.0.0-rc1
v3.0.0-rc2
v3.1.0
v3.1.0-rc1
v3.1.0-rc2
v3.10.0
v3.10.0-rc1
v3.10.0-rc2
v3.2.0
v3.2.0-rc1
v3.2.0-rc2
v3.3.0
v3.3.0-rc1
v3.3.0-rc2
v3.4.0
v3.4.0-rc1
v3.4.0-rc2
v3.5.0
v3.5.0-rc1
v3.5.0-rc2
v3.6.0
v3.6.0-rc1
v3.6.0-rc2
v3.7.0
v3.7.0-rc1
v3.7.0-rc2
v3.8.0
v3.8.0-rc1
v3.9.0
v3.9.0-rc1
v3.9.0-rc2
v4.*
v4.0.0
v4.0.0-rc1
v4.0.0-rc2
v4.1.0
v4.1.0-rc1
v4.1.0-rc2
v4.10.0
v4.10.0-rc1
v4.10.0-rc2
v4.2.0
v4.2.0-rc1
v4.2.0-rc2
v4.3.0
v4.3.0-rc1
v4.3.0-rc2
v4.4.0
v4.4.0-rc1
v4.4.0-rc2
v4.5.0
v4.5.0-rc1
v4.5.0-rc2
v4.6.0
v4.6.0-rc1
v4.6.0-rc2
v4.7.0
v4.7.0-rc1
v4.7.0-rc2
v4.8.0
v4.8.0-rc1
v4.8.0-rc2
v4.9.0
v4.9.0-rc1
v5.*
v5.0.0
v5.0.0-rc1
v5.0.0-rc2
v5.1.0
v5.1.0-rc1
v5.1.0-rc2
v5.10.0
v5.10.0-rc1
v5.10.0-rc2
v5.2.0
v5.2.0-rc1
v5.2.0-rc2
v5.3.0
v5.3.0-rc1
v5.3.0-rc2
v5.4.0
v5.4.0-rc1
v5.4.0-rc2
v5.5.0
v5.5.0-rc1
v5.5.0-rc2
v5.6.0
v5.6.0-rc1
v5.6.0-rc2
v5.7.0
v5.7.0-rc1
v5.7.0-rc2
v5.8.0
v5.8.0-rc1
v5.8.0-rc2
v5.9.0
v5.9.0-rc1
v6.*
v6.0.0
v6.0.0-rc1
v6.0.0-rc2
v6.1.0
v6.1.0-rc1
v6.1.0-rc2
v6.10.0
v6.10.0-rc1
v6.10.0-rc2
v6.2.0
v6.2.0-rc1
v6.3.0
v6.3.0-rc1
v6.4.0
v6.4.0-rc1
v6.5.0
v6.5.0-rc1
v6.5.0-rc2
v6.6.0
v6.6.0-rc1
v6.7.0
v6.7.0-rc1
v6.7.0-rc2
v6.8.0
v6.8.0-rc1
v6.8.0-rc2
v6.9.0
v6.9.0-rc1
v6.9.0-rc2
v7.*
v7.0.0
v7.0.0-rc1
v7.0.0-rc2
v7.1.0
v7.1.0-rc1
v7.1.0-rc2
v7.10.0
v7.10.0-rc1
v7.10.0-rc2
v7.2.0
v7.2.0-rc1
v7.2.0-rc2
v7.3.0
v7.3.0-rc1
v7.3.0-rc2
v7.4.0
v7.4.0-rc1
v7.4.0-rc2
v7.5.0
v7.5.0-rc1
v7.5.0-rc2
v7.6.0
v7.6.0-rc1
v7.6.0-rc2
v7.7.0
v7.7.0-rc1
v7.7.0-rc2
v7.8.0
v7.8.0-rc1
v7.8.0-rc2
v7.9.0
v7.9.0-rc1
v7.9.0-rc2
v8.*
v8.0.0
v8.0.0-rc1
v8.0.0-rc2
v8.1.0
v8.1.0-rc1
v8.1.0-rc2
v8.10.0
v8.10.0-rc1
v8.10.0-rc2
v8.2.0
v8.2.0-rc1
v8.2.0-rc2
v8.3.0
v8.3.0-rc1
v8.3.0-rc2
v8.4.0
v8.4.0-rc1
v8.4.0-rc2
v8.5.0
v8.5.0-rc1
v8.5.0-rc2
v8.6.0
v8.6.0-rc1
v8.6.0-rc2
v8.7.0
v8.7.0-rc1
v8.7.0-rc2
v8.8.0
v8.8.0-rc1
v8.8.0-rc2
v8.9.0
v8.9.0-rc1
v8.9.0-rc2
v9.*
v9.0.0
v9.0.0-rc1
v9.0.0-rc2
v9.1.0
v9.1.0-rc1
v9.1.0-rc2
v9.2.0
v9.2.0-rc1
v9.2.0-rc2
v9.3.0-rc1
v9.3.0-rc2
Database specific
vanir_signatures
[
{
"source": "https://gitlab.com/libvirt/libvirt@6425a311b8ad19d6f9c0b315bf1d722551ea3585",
"signature_version": "v1",
"deprecated": false,
"target": {
"file": "src/util/virpci.c"
},
"id": "CVE-2023-2700-3a96a97a",
"signature_type": "Line",
"digest": {
"threshold": 0.9,
"line_hashes": [
"291082606852247192441890115716468184656",
"16831957577810862612064145808021769204",
"80407383512522332122355084597981728215"
]
}
},
{
"source": "https://gitlab.com/libvirt/libvirt@6425a311b8ad19d6f9c0b315bf1d722551ea3585",
"signature_version": "v1",
"deprecated": false,
"target": {
"function": "virPCIVirtualFunctionListFree",
"file": "src/util/virpci.c"
},
"id": "CVE-2023-2700-ae04aff4",
"signature_type": "Function",
"digest": {
"length": 250.0,
"function_hash": "128985930182926183113986912607142045219"
}
}
]