Описание
hw/pci/pci.c in QEMU 4.2.0 allows guest OS users to trigger an out-of-bounds access by providing an address near the end of the PCI configuration space.
An out-of-bounds access flaw was found in the ati-vga emulator of the QEMU. The issue occurs while reading PCI configuration bytes via the ati_mm_read routine if the address sent by a guest is towards an end of the PCI configuration space. This flaw allows a guest user or process to crash the QEMU process resulting in a denial of service.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | kvm | Not affected | ||
| Red Hat Enterprise Linux 6 | qemu-kvm | Not affected | ||
| Red Hat Enterprise Linux 7 | qemu-kvm | Not affected | ||
| Red Hat Enterprise Linux 7 | qemu-kvm-ma | Not affected | ||
| Red Hat Enterprise Linux 7 | qemu-kvm-rhev | Not affected | ||
| Red Hat Enterprise Linux 8 | virt:rhel/qemu-kvm | Not affected | ||
| Red Hat Enterprise Linux 8 Advanced Virtualization | virt:8.2/qemu-kvm | Not affected | ||
| Red Hat Enterprise Linux 9 | qemu-kvm | Not affected | ||
| Red Hat OpenStack Platform 10 (Newton) | qemu-kvm-rhev | Not affected | ||
| Red Hat OpenStack Platform 13 (Queens) | qemu-kvm-rhev | Not affected |
Показывать по
Дополнительная информация
Статус:
2.5 Low
CVSS3
Связанные уязвимости
hw/pci/pci.c in QEMU 4.2.0 allows guest OS users to trigger an out-of-bounds access by providing an address near the end of the PCI configuration space.
hw/pci/pci.c in QEMU 4.2.0 allows guest OS users to trigger an out-of-bounds access by providing an address near the end of the PCI configuration space.
hw/pci/pci.c in QEMU 4.2.0 allows guest OS users to trigger an out-of- ...
hw/pci/pci.c in QEMU 4.2.0 allows guest OS users to trigger an out-of-bounds access by providing an address near the end of the PCI configuration space.
2.5 Low
CVSS3