Описание
In QEMU 3.1.0, load_device_tree in device_tree.c calls the deprecated load_image function, which has a buffer overflow risk.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 1:2.11+dfsg-1ubuntu7.13 |
| cosmic | released | 1:2.12+dfsg-3ubuntu8.7 |
| devel | released | 1:3.1+dfsg-2ubuntu4 |
| disco | released | 1:3.1+dfsg-2ubuntu3.1 |
| eoan | released | 1:3.1+dfsg-2ubuntu4 |
| esm-infra-legacy/trusty | not-affected | 2.0.0+dfsg-2ubuntu1.46 |
| esm-infra/bionic | not-affected | 1:2.11+dfsg-1ubuntu7.13 |
| esm-infra/focal | not-affected | 1:3.1+dfsg-2ubuntu4 |
| esm-infra/xenial | not-affected | 1:2.5+dfsg-5ubuntu10.38 |
| focal | released | 1:3.1+dfsg-2ubuntu4 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | DNE | |
| cosmic | DNE | |
| devel | DNE | |
| disco | DNE | |
| eoan | DNE | |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/focal | DNE | |
| focal | DNE | |
| groovy | DNE | |
| hirsute | DNE |
Показывать по
EPSS
7.5 High
CVSS2
9.8 Critical
CVSS3
Связанные уязвимости
In QEMU 3.1.0, load_device_tree in device_tree.c calls the deprecated load_image function, which has a buffer overflow risk.
In QEMU 3.1.0, load_device_tree in device_tree.c calls the deprecated load_image function, which has a buffer overflow risk.
In QEMU 3.1.0, load_device_tree in device_tree.c calls the deprecated ...
In QEMU 3.1.0, load_device_tree in device_tree.c calls the deprecated load_image function, which has a buffer overflow risk.
Уязвимость функции load_device_tree эмулятора аппаратного обеспечения QEMU, позволяющая нарушителю выполнять произвольный код
EPSS
7.5 High
CVSS2
9.8 Critical
CVSS3