PRIOn knowledge basePRION:CVE-2020-13765

HistoryJun 04, 2020 - 4:15 p.m.

Design/Logic Flaw

2020-06-0416:15:00

PRIOn knowledge base

www.prio-n.com

5.2 Medium

AI Score

Confidence

High

0.005 Low

EPSS

Percentile

77.2%

JSON

rom_copy() in hw/core/loader.c in QEMU 4.0 and 4.1.0 does not validate the relationship between two addresses, which allows attackers to trigger an invalid memory copy operation.

CPENameOperatorVersion
ubuntu_linuxeq18.04
ubuntu_linuxeq20.04
ubuntu_linuxeq16.04
debian_linuxeq8.0
debian_linuxeq9.0
qemueq4.0.0
qemueq4.1.0

Name	Operator	Version
ubuntu_linux	eq	18.04
ubuntu_linux	eq	20.04
ubuntu_linux	eq	16.04
debian_linux	eq	8.0
debian_linux	eq	9.0
qemu	eq	4.0.0
qemu	eq	4.1.0

References

git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=e423455c4f23a1a828901c78fe6d03b7dde79319

github.com/qemu/qemu/commit/4f1c6cb2f9afafda05eab150fd2bd284edce6676

lists.debian.org/debian-lts-announce/2020/06/msg00032.html

lists.debian.org/debian-lts-announce/2020/07/msg00020.html

security.netapp.com/advisory/ntap-20200619-0006/

usn.ubuntu.com/4467-1/

www.openwall.com/lists/oss-security/2020/06/03/6