Описание
QEMU through 8.0.0 could trigger a division by zero in scsi_disk_reset in hw/scsi/scsi-disk.c because scsi_disk_emulate_mode_select does not prevent s->qdev.blocksize from being 256. This stops QEMU and the guest immediately.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| qemu | fixed | 1:8.1.1+ds-1 | package | |
| qemu | fixed | 1:7.2+dfsg-7+deb12u3 | bookworm | package |
| qemu | not-affected | bullseye | package | |
| qemu | not-affected | buster | package |
Примечания
https://gitlab.com/qemu-project/qemu/-/issues/1813
Introduced by: https://gitlab.com/qemu-project/qemu/-/commit/356c4c441ec01910314c5867c680bef80d1dd373 (v7.1.0-rc0)
Introduced by: https://gitlab.com/qemu-project/qemu/-/commit/55794c904df723109b228da28b5db778e0df3110 (v7.1.0-rc2)
Fixed by: https://gitlab.com/qemu-project/qemu/-/commit/7cfcc79b0ab800959716738aff9419f53fc68c9c (v8.2.0-rc0)
EPSS
Связанные уязвимости
QEMU through 8.0.0 could trigger a division by zero in scsi_disk_reset in hw/scsi/scsi-disk.c because scsi_disk_emulate_mode_select does not prevent s->qdev.blocksize from being 256. This stops QEMU and the guest immediately.
QEMU through 8.0.0 could trigger a division by zero in scsi_disk_reset in hw/scsi/scsi-disk.c because scsi_disk_emulate_mode_select does not prevent s->qdev.blocksize from being 256. This stops QEMU and the guest immediately.
QEMU through 8.0.0 could trigger a division by zero in scsi_disk_reset in hw/scsi/scsi-disk.c because scsi_disk_emulate_mode_select does not prevent s->qdev.blocksize from being 256. This stops QEMU and the guest immediately.
QEMU through 8.0.0 could trigger a division by zero in scsi_disk_reset in hw/scsi/scsi-disk.c because scsi_disk_emulate_mode_select does not prevent s->qdev.blocksize from being 256. This stops QEMU and the guest immediately.
EPSS