CVE-2020-13754

Опубликовано: 02 июн. 2020

Источник: debian

EPSS Низкий

Описание

hw/pci/msix.c in QEMU 4.2.0 allows guest OS users to trigger an out-of-bounds access via a crafted address in an msi-x mmio operation.

Пакет	Статус	Версия исправления	Релиз	Тип
qemu	fixed	1:5.0-6		package

https://git.qemu.org/?p=qemu.git;a=commitdiff;h=5d971f9e672507210e77d020d89e0e89165c8fc9 (fix)
https://git.qemu.org/?p=qemu.git;a=commitdiff;h=dba04c3488c4699f5afe96f66e448b1d447cf3fb (regression fix)
https://git.qemu.org/?p=qemu.git;a=commitdiff;h=8e67fda2dd6202ccec093fda561107ba14830a17 (regression fix)
https://git.qemu.org/?p=qemu.git;a=commitdiff;h=70b78d4e71494c90d2ccb40381336bc9b9a22f79 (regression fix)

EPSS

Процентиль: 7%

0.00031

Низкий

CVE-2020-13754

CVSS3: 6.7

ubuntu

около 5 лет назад

hw/pci/msix.c in QEMU 4.2.0 allows guest OS users to trigger an out-of-bounds access via a crafted address in an msi-x mmio operation.

CVE-2020-13754

CVSS3: 5

redhat

около 5 лет назад

hw/pci/msix.c in QEMU 4.2.0 allows guest OS users to trigger an out-of-bounds access via a crafted address in an msi-x mmio operation.

CVE-2020-13754

CVSS3: 6.7

nvd

около 5 лет назад

hw/pci/msix.c in QEMU 4.2.0 allows guest OS users to trigger an out-of-bounds access via a crafted address in an msi-x mmio operation.

CVE-2020-13754

CVSS3: 6.7

msrc

почти 5 лет назад

Описание отсутствует

GHSA-7f7c-v5j3-cchv

github

около 3 лет назад

hw/pci/msix.c in QEMU 4.2.0 allows guest OS users to trigger an out-of-bounds access via a crafted address in an msi-x mmio operation.

EPSS

Процентиль: 7%

0.00031

Низкий