Описание
The sdhci_sdma_transfer_multi_blocks function in hw/sd/sdhci.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (out-of-bounds heap access and crash) or execute arbitrary code on the QEMU host via vectors involving the data transfer length.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | not-affected | 1:2.8+dfsg-3ubuntu2 |
| bionic | not-affected | 1:2.8+dfsg-3ubuntu2 |
| cosmic | not-affected | 1:2.8+dfsg-3ubuntu2 |
| devel | not-affected | 1:2.8+dfsg-3ubuntu2 |
| disco | not-affected | 1:2.8+dfsg-3ubuntu2 |
| eoan | not-affected | 1:2.8+dfsg-3ubuntu2 |
| esm-infra-legacy/trusty | released | 2.0.0+dfsg-2ubuntu1.33 |
| esm-infra/bionic | not-affected | 1:2.8+dfsg-3ubuntu2 |
| esm-infra/focal | not-affected | 1:2.8+dfsg-3ubuntu2 |
| esm-infra/xenial | released | 1:2.5+dfsg-5ubuntu10.11 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | DNE | |
| bionic | DNE | |
| cosmic | DNE | |
| devel | DNE | |
| disco | DNE | |
| eoan | DNE | |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/focal | DNE | |
| focal | DNE | |
| groovy | DNE |
Показывать по
EPSS
2.1 Low
CVSS2
6.5 Medium
CVSS3
Связанные уязвимости
The sdhci_sdma_transfer_multi_blocks function in hw/sd/sdhci.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (out-of-bounds heap access and crash) or execute arbitrary code on the QEMU host via vectors involving the data transfer length.
The sdhci_sdma_transfer_multi_blocks function in hw/sd/sdhci.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (out-of-bounds heap access and crash) or execute arbitrary code on the QEMU host via vectors involving the data transfer length.
The sdhci_sdma_transfer_multi_blocks function in hw/sd/sdhci.c in QEMU ...
The sdhci_sdma_transfer_multi_blocks function in hw/sd/sdhci.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (out-of-bounds heap access and crash) or execute arbitrary code on the QEMU host via vectors involving the data transfer length.
Уязвимость эмулятора аппаратного обеспечения QEMU, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код
EPSS
2.1 Low
CVSS2
6.5 Medium
CVSS3