An off-by-one read/write issue was found in the SDHCI device of QEMU. It occurs when reading/writing the Buffer Data Port Register in sdhci_read_dataport and sdhci_write_dataport respectively if data_count == block_size. A malicious guest could use this flaw to crash the QEMU process on the host resulting in a denial of service condition.

🗓️ 05 Aug 2024 07:00:00Reported by MicrosoftType

Off-by-one bug in QEMU SDHCI may crash host when data_count equals block_size.

Reporter	Title	Published	Views	Family All 50
AlpineLinux	CVE-2022-3872	7 Nov 202221:15	–	alpinelinux
AstraLinux	Astra Linux - уязвимость в qemu	3 May 202623:59	–	astralinux
Tenable Nessus	Azure Linux 3.0 Security Update: qemu / qemu-kvm (CVE-2022-3872)	10 Feb 202500:00	–	nessus
Tenable Nessus	EulerOS Virtualization 2.9.1 : qemu-kvm (EulerOS-SA-2023-1651)	27 Apr 202300:00	–	nessus
Tenable Nessus	EulerOS Virtualization 2.9.0 : qemu-kvm (EulerOS-SA-2023-1685)	27 Apr 202300:00	–	nessus
Tenable Nessus	EulerOS Virtualization 2.10.1 : qemu (EulerOS-SA-2023-1913)	16 May 202300:00	–	nessus
Tenable Nessus	EulerOS Virtualization 2.10.0 : qemu (EulerOS-SA-2023-1944)	15 May 202300:00	–	nessus
Tenable Nessus	EulerOS Virtualization 2.11.1 : qemu (EulerOS-SA-2023-2082)	7 Jun 202300:00	–	nessus
Tenable Nessus	EulerOS Virtualization 2.11.0 : qemu (EulerOS-SA-2023-2134)	7 Jun 202300:00	–	nessus
Tenable Nessus	CBL Mariner 2.0 Security Update: qemu / qemu-kvm (CVE-2022-3872)	20 Mar 202300:00	–	nessus