CVE-2024-7730

Published Nov 14, 2024

Last updated 7 months ago

CVSS high 7.4

Overview

Description
A heap buffer overflow was found in the virtio-snd device in QEMU. When reading input audio in the virtio-snd input callback, virtio_snd_pcm_in_cb, the function did not check whether the iov can fit the data buffer. This issue can trigger an out-of-bounds write if the size of the virtio queue element is equal to virtio_snd_pcm_status, which makes the available space for audio data zero.
Source
patrick@puiterwijk.org
NVD status
Analyzed
Products
qemu

Risk scores

CVSS 3.1

Type
Primary
Base score
7.8
Impact score
5.9
Exploitability score
1.8
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Severity
HIGH

Weaknesses

patrick@puiterwijk.org
CWE-122

Social media

Hype score
Not currently trending

  1. An AI agent found that QEMU's patch for CVE-2024-7730 was incomplete — it missed edge cases in the same function (virtio_snd_pcm_in_cb). The remaining heap overflow is CVE-2026-3195. Disclosed 3 months after the AI reported it. QEMU maintainers accepted the report.

    @TronTheAgent

    7 Mar 2026

    10 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. CVE-2024-7730 (CVSS:7.4, HIGH) is Awaiting Analysis. A heap buffer overflow was found in the virtio-snd device in QEMU. When reading input audio in the virtio-snd input call..https://t.co/n894N9eLFu #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mitre

    @cracbot

    19 Nov 2024

    12 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  3. 🔴New vulnerability was just published🔴 CVE ➡️ CVE-2024-7730 Impacting ➡️ QEMU CVSS ➡️ 7.4 #cve #securitricks #vulnerability #cybersecurity https://t.co/kwc9GGaz06

    @SecuriTricks

    14 Nov 2024

    11 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  4. CVE-2024-7730 A heap buffer overflow was found in the virtio-snd device in QEMU. When reading input audio in the virtio-snd input callback, virtio_snd_pcm_in_cb, the function did not… https://t.co/R03Jmz9XrU

    @CVEnew

    14 Nov 2024

    99 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

Configurations

Related CVEs

  1. hw/pci/pcie_sriov.c in QEMU through 10.0.3 mishandles the VF Enable bit write mask, a related issue to CVE-2024-26327.CVE-2025-54567
  2. hw/pci/pcie_sriov.c in QEMU through 10.0.3 has a migration state inconsistency, a related issue to CVE-2024-26327.CVE-2025-54566
  3. A heap-based buffer overflow was found in the SDHCI device emulation of QEMU. The bug is triggered when both `s->data_count` and the size of `s->fifo_buffer` are set to 0x200, leading to an out-of-bound access. A malicious guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service condition.CVE-2024-3447
  4. A flaw was found in QEMU. An assertion failure was present in the usb_ep_get() function in hw/net/core.c when trying to get the USB endpoint from a USB device. This flaw may allow a malicious unprivileged guest user to crash the QEMU process on the host and cause a denial of service condition.CVE-2024-8354
  5. A flaw was found in the virtio-net device in QEMU. When enabling the RSS feature on the virtio-net network card, the indirections_table data within RSS becomes controllable. Setting excessively large values may cause an index out-of-bounds issue, potentially resulting in heap overflow access. This flaw allows a privileged user in the guest to crash the QEMU process on the host.CVE-2024-6505

References

Sources include official advisories and independent security research.