CVE-2020-13791

Опубликовано: 04 июн. 2020

Источник: debian

EPSS Низкий

Описание

hw/pci/pci.c in QEMU 4.2.0 allows guest OS users to trigger an out-of-bounds access by providing an address near the end of the PCI configuration space.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
qemu	fixed	1:5.0-6		package
qemu	not-affected		buster	package
qemu	not-affected		stretch	package
qemu	not-affected		jessie	package

Примечания

https://www.openwall.com/lists/oss-security/2020/06/04/1
https://lists.gnu.org/archive/html/qemu-devel/2020-06/msg00831.html

EPSS

Процентиль: 32%

0.00398

Низкий

Связанные уязвимости

CVE-2020-13791

CVSS3: 5.5

ubuntu

около 6 лет назад

hw/pci/pci.c in QEMU 4.2.0 allows guest OS users to trigger an out-of-bounds access by providing an address near the end of the PCI configuration space.

CVE-2020-13791

CVSS3: 2.5

redhat

около 6 лет назад

hw/pci/pci.c in QEMU 4.2.0 allows guest OS users to trigger an out-of-bounds access by providing an address near the end of the PCI configuration space.

CVE-2020-13791

CVSS3: 5.5

nvd

около 6 лет назад

hw/pci/pci.c in QEMU 4.2.0 allows guest OS users to trigger an out-of-bounds access by providing an address near the end of the PCI configuration space.

CVE-2020-13791

CVSS3: 5.5

msrc

почти 6 лет назад

hw/pci/pci.c in QEMU 4.2.0 allows guest OS users to trigger an out-of-bounds access by providing an address near the end of the PCI configuration space.

GHSA-9j9x-v7hw-3v8f

github

около 4 лет назад

hw/pci/pci.c in QEMU 4.2.0 allows guest OS users to trigger an out-of-bounds access by providing an address near the end of the PCI configuration space.

EPSS

Процентиль: 32%

0.00398

Низкий