Описание
A heap out-of-bounds memory read flaw was found in the virtual nvme device in QEMU. The QEMU process does not validate an offset provided by the guest before computing a host heap pointer, which is used for copying data back to the guest. Arbitrary heap memory relative to an allocated buffer can be disclosed.
Ссылки
- Third Party Advisory
- Issue TrackingPatchThird Party Advisory
- Third Party Advisory
- Broken LinkThird Party AdvisoryVDB Entry
- Third Party Advisory
- Issue TrackingPatchThird Party Advisory
- Third Party Advisory
- Broken LinkThird Party AdvisoryVDB Entry
Уязвимые конфигурации
Одно из
EPSS
6 Medium
CVSS3
6.5 Medium
CVSS3
Дефекты
Связанные уязвимости
A heap out-of-bounds memory read flaw was found in the virtual nvme device in QEMU. The QEMU process does not validate an offset provided by the guest before computing a host heap pointer, which is used for copying data back to the guest. Arbitrary heap memory relative to an allocated buffer can be disclosed.
A heap out-of-bounds memory read flaw was found in the virtual nvme device in QEMU. The QEMU process does not validate an offset provided by the guest before computing a host heap pointer, which is used for copying data back to the guest. Arbitrary heap memory relative to an allocated buffer can be disclosed.
A heap out-of-bounds memory read flaw was found in the virtual nvme de ...
A heap out-of-bounds memory read flaw was found in the virtual nvme device in QEMU. The QEMU process does not validate an offset provided by the guest before computing a host heap pointer, which is used for copying data back to the guest. Arbitrary heap memory relative to an allocated buffer can be disclosed.
Уязвимость функции nvme_fdp_events() виртуального устройства NVMe эмулятора аппаратного обеспечения QEMU, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации
EPSS
6 Medium
CVSS3
6.5 Medium
CVSS3