Note:
This project will be discontinued after December 13, 2021. [more]
2020-04-06
hw/net/tulip.c in QEMU 4.2.0 has a buffer overflow during the copying of tx/rx buffers because the frame size is not validated against the r/w data length.
| Products | Qemu |
| Type | Out-of-bounds Write (CWE-787) |
| First patch | - None (likely due to unavailable code) |
| Links |
• https://lists.gnu.org/archive/html/qemu-devel/2020-03/msg08322.html
• http://www.openwall.com/lists/oss-security/2020/04/06/1 • https://security.gentoo.org/glsa/202005-02 |