[Bug 1880822] Re: CVE-2020-13253 QEMU: sd: OOB access could crash the gu

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Bug 1880822] Re: CVE-2020-13253 QEMU: sd: OOB access could crash the gu

From:	Philippe Mathieu-Daudé
Subject:	[Bug 1880822] Re: CVE-2020-13253 QEMU: sd: OOB access could crash the guest resulting in DoS
Date:	Wed, 27 May 2020 07:28:57 -0000

** Changed in: qemu
       Status: New => Confirmed

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1880822

Title:
  CVE-2020-13253 QEMU: sd: OOB access could crash the guest resulting in
  DoS

Status in QEMU:
  Confirmed

Bug description:
  An out-of-bounds read access issue was found in the SD Memory Card
  emulator of the QEMU. It occurs while performing block write commands
  via sdhci_write(), if a guest user has sent 'address' which is OOB of
  's->wp_groups'. A guest user/process may use this flaw to crash the
  QEMU process resulting in DoS.

To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1880822/+subscriptions

[Prev in Thread]

Current Thread

[Next in Thread]

[Bug 1880822] [NEW] CVE-2020-13253 QEMU: sd: OOB access could crash the guest resulting in DoS, P J P, 2020/05/27
- [Bug 1880822] Re: CVE-2020-13253 QEMU: sd: OOB access could crash the guest resulting in DoS, P J P, 2020/05/27
- [Bug 1880822] Re: CVE-2020-13253 QEMU: sd: OOB access could crash the guest resulting in DoS, P J P, 2020/05/27
- [Bug 1880822] Re: CVE-2020-13253 QEMU: sd: OOB access could crash the guest resulting in DoS, Philippe Mathieu-Daudé <=

Prev by Date: Re: [PATCH] hw/registerfields: Prefix local variables with underscore in macros
Next by Date: Re: [PATCH v2] trace/simple: Fix unauthorized enable
Previous by thread: [Bug 1880822] Re: CVE-2020-13253 QEMU: sd: OOB access could crash the guest resulting in DoS
Next by thread: [PATCH v3 0/9] pc-bios: s390x: Cleanup part 1
Index(es):
- Date
- Thread