GHSA-xvx4-fr25-r858

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 3.3

Описание

QEMU 4.2.0 has a use-after-free in hw/net/e1000e_core.c because a guest OS user can trigger an e1000e packet with the data's address set to the e1000e's MMIO address.

Ссылки

EPSS

Процентиль: 5%

0.00026

Низкий

3.3 Low

CVSS3

CVE ID

CVE-2020-15859

Дефекты

CWE-416

Связанные уязвимости

CVE-2020-15859

CVSS3: 3.3

ubuntu

почти 5 лет назад

QEMU 4.2.0 has a use-after-free in hw/net/e1000e_core.c because a guest OS user can trigger an e1000e packet with the data's address set to the e1000e's MMIO address.

CVE-2020-15859

CVSS3: 3.8

redhat

почти 5 лет назад

QEMU 4.2.0 has a use-after-free in hw/net/e1000e_core.c because a guest OS user can trigger an e1000e packet with the data's address set to the e1000e's MMIO address.

CVE-2020-15859

CVSS3: 3.3

nvd

почти 5 лет назад

QEMU 4.2.0 has a use-after-free in hw/net/e1000e_core.c because a guest OS user can trigger an e1000e packet with the data's address set to the e1000e's MMIO address.

CVE-2020-15859

CVSS3: 3.3

msrc

почти 5 лет назад

Описание отсутствует

CVE-2020-15859

CVSS3: 3.3

debian

почти 5 лет назад

QEMU 4.2.0 has a use-after-free in hw/net/e1000e_core.c because a gues ...

EPSS

Процентиль: 5%

0.00026

Низкий

3.3 Low

CVSS3

CVE ID

CVE-2020-15859

Дефекты

CWE-416