Note:
This project will be discontinued after December 13, 2021. [more]
2020-06-04
hw/pci/pci.c in QEMU 4.2.0 allows guest OS users to trigger an out-of-bounds access by providing an address near the end of the PCI configuration space.
| Products | Qemu |
| Type | Out-of-bounds Read (CWE-125) |
| First patch | - None (likely due to unavailable code) |
| Links |
• https://www.openwall.com/lists/oss-security/2020/06/04/1
• https://lists.gnu.org/archive/html/qemu-devel/2020-06/msg00706.html • https://security.gentoo.org/glsa/202011-09 • https://security.netapp.com/advisory/ntap-20200717-0001/ |