CVE-2020-13362

Опубликовано: 28 мая 2020

Источник: ubuntu

Приоритет: low

CVSS2: 2.1

CVSS3: 3.2

Описание

In QEMU 5.0.0 and earlier, megasas_lookup_frame in hw/scsi/megasas.c has an out-of-bounds read via a crafted reply_queue_head field from a guest OS user.

Релиз	Статус	Примечание
bionic	released	1:2.11+dfsg-1ubuntu7.31
devel	not-affected	1:5.0-5ubuntu4
eoan	ignored	end of life
esm-infra-legacy/trusty	not-affected	2.0.0+dfsg-2ubuntu1.47+esm1
esm-infra/bionic	not-affected	1:2.11+dfsg-1ubuntu7.31
esm-infra/focal	not-affected	1:4.2-3ubuntu6.4
esm-infra/xenial	not-affected	1:2.5+dfsg-5ubuntu10.45
focal	released	1:4.2-3ubuntu6.4
groovy	not-affected	1:5.0-5ubuntu4
hirsute	not-affected	1:5.0-5ubuntu4

Показывать по

Релиз	Статус	Примечание
bionic	DNE
devel	DNE
eoan	DNE
esm-infra-legacy/trusty	DNE
esm-infra/focal	DNE
focal	DNE
groovy	DNE
hirsute	DNE
precise/esm	ignored	end of life, was needed
trusty	DNE

Показывать по

Ссылки на источники

2.1 Low

CVSS2

3.2 Low

CVSS3

Связанные уязвимости

CVE-2020-13362

CVSS3: 3.2

redhat

около 5 лет назад

In QEMU 5.0.0 and earlier, megasas_lookup_frame in hw/scsi/megasas.c has an out-of-bounds read via a crafted reply_queue_head field from a guest OS user.

CVE-2020-13362

CVSS3: 3.2

nvd

около 5 лет назад

In QEMU 5.0.0 and earlier, megasas_lookup_frame in hw/scsi/megasas.c has an out-of-bounds read via a crafted reply_queue_head field from a guest OS user.

CVE-2020-13362

CVSS3: 3.2

msrc

почти 5 лет назад

Описание отсутствует

CVE-2020-13362

CVSS3: 3.2

debian

около 5 лет назад

In QEMU 5.0.0 and earlier, megasas_lookup_frame in hw/scsi/megasas.c h ...

GHSA-75vw-6wgc-576c

CVSS3: 3.2

github

около 3 лет назад

In QEMU 4.2.0, megasas_lookup_frame in hw/scsi/megasas.c has an out-of-bounds read via a crafted reply_queue_head field from a guest OS user.

2.1 Low

CVSS2

3.2 Low

CVSS3

CVE-2020-13362

Описание

Пакет qemu

Пакет qemu-kvm

Ссылки на источники

Связанные уязвимости