Lucene search

K
cvelistMitreCVELIST:CVE-2019-12068
HistorySep 24, 2019 - 7:59 p.m.

CVE-2019-12068

2019-09-2419:59:44
mitre
www.cve.org
10
qemu
infinite loop
lsi scsi adapter

AI Score

5.4

Confidence

Low

EPSS

0.001

Percentile

23.7%

In QEMU 1:4.1-1, 1:2.1+dfsg-12+deb8u6, 1:2.8+dfsg-6+deb9u8, 1:3.1+dfsg-8~deb10u1, 1:3.1+dfsg-8+deb10u2, and 1:2.1+dfsg-12+deb8u12 (fixed), when executing script in lsi_execute_script(), the LSI scsi adapter emulator advances ‘s->dsp’ index to read next opcode. This can lead to an infinite loop if the next opcode is empty. Move the existing loop exit after 10k iterations so that it covers no-op opcodes as well.

AI Score

5.4

Confidence

Low

EPSS

0.001

Percentile

23.7%