Lucene search
K

6 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/09 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2020-17380

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A heap-based buffer overflow was found in QEMU through 5.0.0 in the SDHCI device emulation support. It could occur while doing a multi block SDMA transfer via t...

6.3CVSS7.4AI score0.00424EPSS
Exploits0References2
Amazon
Amazon
added 2024/08/20 12:0 a.m.5 views

Important: qemu

Issue Overview: QEMU: sdhci: heap buffer overflow in sdhciwritedataport CVE-2024-3447 A flaw was found in the QEMU disk image utility qemu-img 'info' command. A specially crafted image file containing a json: value describing block devices in QMP could cause the qemu-img process on the host to...

7.8CVSS7.1AI score0.00552EPSS
Exploits1
Microsoft CVE
Microsoft CVE
added 2024/08/05 7:0 a.m.4 views

An off-by-one read/write issue was found in the SDHCI device of QEMU. It occurs when reading/writing the Buffer Data Port Register in sdhci_read_dataport and sdhci_write_dataport respectively if data_count == block_size. A malicious guest could use this flaw to crash the QEMU process on the host resulting in a denial of service condition.

...

8.6CVSS7AI score0.00802EPSS
Exploits0
OSV
OSV
added 2022/11/07 9:15 p.m.1 views

DEBIAN-CVE-2022-3872

An off-by-one read/write issue was found in the SDHCI device of QEMU. It occurs when reading/writing the Buffer Data Port Register in sdhcireaddataport and sdhciwritedataport, respectively, if datacount == blocksize. A malicious guest could use this flaw to crash the QEMU process on the host,...

8.6CVSS6.9AI score0.00802EPSS
Exploits0References1
OSV
OSV
added 2022/11/07 9:15 p.m.2 views

UBUNTU-CVE-2022-3872

An off-by-one read/write issue was found in the SDHCI device of QEMU. It occurs when reading/writing the Buffer Data Port Register in sdhcireaddataport and sdhciwritedataport, respectively, if datacount == blocksize. A malicious guest could use this flaw to crash the QEMU process on the host,...

8.6CVSS6.8AI score0.00802EPSS
Exploits0References4
OSV
OSV
added 2021/03/23 9:15 p.m.1 views

DEBIAN-CVE-2021-3409

The patch for CVE-2020-17380/CVE-2020-25085 was found to be ineffective, thus making QEMU vulnerable to the out-of-bounds read/write access issues previously found in the SDHCI controller emulation code. This flaw allows a malicious privileged guest to crash the QEMU process on the host, resultin...

5.7CVSS6.7AI score0.00485EPSS
Exploits0References1
Rows per page
Query Builder