2 matches found
SUSE CVE-2016-5105
The megasasdcmdcfgread function in hw/scsi/megasas.c in QEMU, when built with MegaRAID SAS 8708EM2 Host Bus Adapter emulation support, uses an uninitialized variable, which allows local guest administrators to read host memory via vectors involving a MegaRAID Firmware Interface MFI command...
UBUNTU-CVE-2021-3392
A use-after-free flaw was found in the MegaRAID emulator of QEMU. This issue occurs while processing SCSI I/O requests in the case of an error mptsasfreerequest that does not dequeue the request object 'req' from a pending requests queue. This flaw allows a privileged guest user to crash the QEMU...