Описание
An out-of-bounds heap buffer access flaw was found in the way the iSCSI Block driver in QEMU versions 2.12.0 before 4.2.1 handled a response coming from an iSCSI server while checking the status of a Logical Address Block (LBA) in an iscsi_co_block_status() routine. A remote user could use this flaw to crash the QEMU process, resulting in a denial of service or potential execution of arbitrary code with privileges of the QEMU process on the host.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 1:2.11+dfsg-1ubuntu7.23 |
| devel | released | 1:4.2-3ubuntu1 |
| eoan | released | 1:4.0+dfsg-0ubuntu9.4 |
| esm-infra-legacy/trusty | needed | |
| esm-infra/bionic | not-affected | 1:2.11+dfsg-1ubuntu7.23 |
| esm-infra/focal | not-affected | 1:4.2-3ubuntu1 |
| esm-infra/xenial | not-affected | 1:2.5+dfsg-5ubuntu10.43 |
| focal | released | 1:4.2-3ubuntu1 |
| groovy | released | 1:4.2-3ubuntu1 |
| hirsute | released | 1:4.2-3ubuntu1 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | DNE | |
| devel | DNE | |
| eoan | DNE | |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/focal | DNE | |
| focal | DNE | |
| groovy | DNE | |
| hirsute | DNE | |
| impish | DNE | |
| jammy | DNE |
Показывать по
EPSS
6 Medium
CVSS2
7.7 High
CVSS3
Связанные уязвимости
An out-of-bounds heap buffer access flaw was found in the way the iSCSI Block driver in QEMU versions 2.12.0 before 4.2.1 handled a response coming from an iSCSI server while checking the status of a Logical Address Block (LBA) in an iscsi_co_block_status() routine. A remote user could use this flaw to crash the QEMU process, resulting in a denial of service or potential execution of arbitrary code with privileges of the QEMU process on the host.
An out-of-bounds heap buffer access flaw was found in the way the iSCSI Block driver in QEMU versions 2.12.0 before 4.2.1 handled a response coming from an iSCSI server while checking the status of a Logical Address Block (LBA) in an iscsi_co_block_status() routine. A remote user could use this flaw to crash the QEMU process, resulting in a denial of service or potential execution of arbitrary code with privileges of the QEMU process on the host.
An out-of-bounds heap buffer access flaw was found in the way the iSCS ...
An out-of-bounds heap buffer access flaw was found in the way the iSCSI Block driver in QEMU versions 2.x.x up to and including 2.12.0 handled a response coming from an iSCSI server while checking the status of a Logical Address Block (LBA) in an iscsi_co_block_status() routine. A remote user could use this flaw to crash the QEMU process, resulting in a denial of service or potential execution of arbitrary code with privileges of the QEMU process on the host.
EPSS
6 Medium
CVSS2
7.7 High
CVSS3