Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2024-3447

Опубликовано: 14 нояб. 2024
Источник: debian
EPSS Низкий

Описание

A heap-based buffer overflow was found in the SDHCI device emulation of QEMU. The bug is triggered when both `s->data_count` and the size of `s->fifo_buffer` are set to 0x200, leading to an out-of-bound access. A malicious guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service condition.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
qemufixed1:8.2.3+ds-1package
qemufixed1:7.2+dfsg-7+deb12u6bookwormpackage
qemuno-dsabusterpackage

Примечания

  • https://patchew.org/QEMU/20240404085549.16987-1-philmd@linaro.org/

  • https://patchew.org/QEMU/20240409145524.27913-1-philmd@linaro.org/

  • https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=58813

  • https://gitlab.com/qemu-project/qemu/-/commit/9e4b27ca6bf4974f169bbca7f3dca117b1208b6f (v9.0.0-rc3)

  • https://gitlab.com/qemu-project/qemu/-/commit/35a67d2aa8caf8eb0bee7d38515924c95417047e (v8.2.3)

EPSS

Процентиль: 4%
0.00021
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2024-3447

CVSS3: 6
ubuntu
7 месяцев назад

A heap-based buffer overflow was found in the SDHCI device emulation of QEMU. The bug is triggered when both `s->data_count` and the size of `s->fifo_buffer` are set to 0x200, leading to an out-of-bound access. A malicious guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service condition.

redhat логотип

CVE-2024-3447

CVSS3: 6
redhat
около 1 года назад

A heap-based buffer overflow was found in the SDHCI device emulation of QEMU. The bug is triggered when both `s->data_count` and the size of `s->fifo_buffer` are set to 0x200, leading to an out-of-bound access. A malicious guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service condition.

nvd логотип

CVE-2024-3447

CVSS3: 6
nvd
7 месяцев назад

A heap-based buffer overflow was found in the SDHCI device emulation of QEMU. The bug is triggered when both `s->data_count` and the size of `s->fifo_buffer` are set to 0x200, leading to an out-of-bound access. A malicious guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service condition.

msrc логотип

CVE-2024-3447

CVSS3: 6
msrc
около 2 месяцев назад

Описание отсутствует

github логотип

GHSA-mq5w-grf9-5rp9

CVSS3: 6
github
7 месяцев назад

A heap-based buffer overflow was found in the SDHCI device emulation of QEMU. The bug is triggered when both `s->data_count` and the size of `s->fifo_buffer` are set to 0x200, leading to an out-of-bound access. A malicious guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service condition.

EPSS

Процентиль: 4%
0.00021
Низкий