exploitDog

CVE-2020-29443

Опубликовано: 26 янв. 2021

Источник: debian

Описание

ide_atapi_cmd_reply_end in hw/ide/atapi.c in QEMU 5.1.0 allows out-of-bounds read access because a buffer index is not validated.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
qemu	fixed	1:5.2+dfsg-11		package

Примечания

https://lists.gnu.org/archive/html/qemu-devel/2021-01/msg04255.html
https://git.qemu.org/?p=qemu.git;a=commit;h=813212288970c39b1800f63e83ac6e96588095c6
https://git.qemu.org/?p=qemu.git;a=commit;h=b8d7f1bc59276fec85e4d09f1567613a3e14d31e
https://www.openwall.com/lists/oss-security/2021/01/18/2

Связанные уязвимости

CVE-2020-29443

CVSS3: 3.9

ubuntu

больше 4 лет назад

ide_atapi_cmd_reply_end in hw/ide/atapi.c in QEMU 5.1.0 allows out-of-bounds read access because a buffer index is not validated.

CVE-2020-29443

CVSS3: 3.9

redhat

больше 4 лет назад

ide_atapi_cmd_reply_end in hw/ide/atapi.c in QEMU 5.1.0 allows out-of-bounds read access because a buffer index is not validated.

CVE-2020-29443

CVSS3: 3.9

nvd

больше 4 лет назад

ide_atapi_cmd_reply_end in hw/ide/atapi.c in QEMU 5.1.0 allows out-of-bounds read access because a buffer index is not validated.

GHSA-3q92-j8r6-g6h8

CVSS3: 3.9

github

около 3 лет назад

ide_atapi_cmd_reply_end in hw/ide/atapi.c in QEMU 5.1.0 allows out-of-bounds read access because a buffer index is not validated.

ELSA-2021-2322

oracle-oval

около 4 лет назад

ELSA-2021-2322: qemu-kvm security update (MODERATE)