GHSA-mpcr-cpf2-g7x3

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 5.5

Описание

sd_wp_addr in hw/sd/sd.c in QEMU 4.2.0 uses an unvalidated address, which leads to an out-of-bounds read during sdhci_write() operations. A guest OS user can crash the QEMU process.

Ссылки

EPSS

Процентиль: 4%

0.0002

Низкий

5.5 Medium

CVSS3

CVE ID

CVE-2020-13253

Дефекты

CWE-125

Связанные уязвимости

CVE-2020-13253

CVSS3: 5.5

ubuntu

около 5 лет назад

sd_wp_addr in hw/sd/sd.c in QEMU 4.2.0 uses an unvalidated address, which leads to an out-of-bounds read during sdhci_write() operations. A guest OS user can crash the QEMU process.

CVE-2020-13253

CVSS3: 3.3

redhat

около 5 лет назад

sd_wp_addr in hw/sd/sd.c in QEMU 4.2.0 uses an unvalidated address, which leads to an out-of-bounds read during sdhci_write() operations. A guest OS user can crash the QEMU process.

CVE-2020-13253

CVSS3: 5.5

nvd

около 5 лет назад

sd_wp_addr in hw/sd/sd.c in QEMU 4.2.0 uses an unvalidated address, which leads to an out-of-bounds read during sdhci_write() operations. A guest OS user can crash the QEMU process.

CVE-2020-13253

CVSS3: 5.5

msrc

почти 5 лет назад

Описание отсутствует

CVE-2020-13253

CVSS3: 5.5

debian

около 5 лет назад

sd_wp_addr in hw/sd/sd.c in QEMU 4.2.0 uses an unvalidated address, wh ...

EPSS

Процентиль: 4%

0.0002

Низкий

5.5 Medium

CVSS3

CVE ID

CVE-2020-13253

Дефекты

CWE-125