The vulnerability of the QEMU hardware emulation software allows a hacker to trigger a service failure or cause some other unknown effect.

The vulnerability of the QEMU hardware emulation software is related to incorrect restrictions on commands received from ATAPI devices. Exploiting this vulnerability can allow a malicious actor to cause service failures or potentially have other unspecified effects by using certain IDE commands...

qemu: ide: atapi: heap overflow during I/O buffer memory access

A heap buffer overflow flaw was found in the way QEMU's IDE subsystem handled I/O buffer access while processing certain ATAPI commands. A privileged guest user in a guest with the CDROM drive enabled could potentially use this flaw to execute arbitrary code on the host with the privileges of the...

QEMU: out of bounds buffer accesses, guest triggerable via IDE SMART

Off-by-one error in the cmdsmart function in the smart self test in hw/ide/core.c in QEMU before 2.0 allows local users to have unspecified impact via a SMART EXECUTE OFFLINE command that triggers a buffer underflow and memory corruption...