Lucene search
K

7 matches found

OSV
OSV
added 2024/04/26 11:7 a.m.2 views

OESA-2024-1491 qemu security update

QEMU is a FAST! processor emulator using dynamic translation to achieve good emulation speed. Security Fixes: A vulnerability in the lsi53c895a device affects the latest version of qemu. A DMA-MMIO reentrancy problem may lead to memory corruption bugs like stack overflow or...

8.8CVSS8.2AI score0.01397EPSS
Exploits2References5
BDU FSTEC
BDU FSTEC
added 2024/04/25 12:0 a.m.5 views

The vulnerability of the `esp_do_nodma` function in the `hw/scsi/esp.c` file of the QEMU hardware emulation software allows a hacker to cause a service failure.

The vulnerability of the espdonodma function in the hw/scsi/esp.c file of the QEMU hardware emulation software is related to a buffer overflow condition caused by the TI command. This occurs when the expected transfer length without DMA is less than the available data in the FIFO. Exploiting this...

8.2CVSS7AI score0.01397EPSS
Exploits1References8Affected Software4
Veracode
Veracode
added 2024/02/26 2:34 p.m.30 views

Buffer Overflow

QEMU is vulnerable to Buffer Overflow. The vulnerability is due to an integer underflow, resulting in a buffer overflow, via a TI command when an expected non-DMA transfer length is less than the length of the available FIFO data. This occurs in espdonodma in hw/scsi/esp.c because of an underflow...

8.8CVSS6.8AI score0.01397EPSS
Exploits1References5Affected Software1
NVD
NVD
added 2024/02/20 6:15 p.m.20 views

CVE-2024-24474

QEMU before 8.2.0 has an integer underflow, and resultant buffer overflow, via a TI command when an expected non-DMA transfer length is less than the length of the available FIFO data. This occurs in espdonodma in hw/scsi/esp.c because of an underflow of asynclen...

8.8CVSS6.9AI score0.01397EPSS
Exploits1References4
UbuntuCve
UbuntuCve
added 2024/02/20 6:15 p.m.25 views

CVE-2024-24474

QEMU before 8.2.0 has an integer underflow, and resultant buffer overflow, via a TI command when an expected non-DMA transfer length is less than the length of the available FIFO data. This occurs in espdonodma in hw/scsi/esp.c because of an underflow of asynclen...

8.8CVSS6.9AI score0.01397EPSS
Exploits1References3
OSV
OSV
added 2024/02/20 6:15 p.m.1 views

UBUNTU-CVE-2024-24474

QEMU before 8.2.0 has an integer underflow, and resultant buffer overflow, via a TI command when an expected non-DMA transfer length is less than the length of the available FIFO data. This occurs in espdonodma in hw/scsi/esp.c because of an underflow of asynclen...

8.8CVSS6.9AI score0.01397EPSS
Exploits1References4
Debian CVE
Debian CVE
added 2024/02/20 12:0 a.m.32 views

CVE-2024-24474

QEMU before 8.2.0 has an integer underflow, and resultant buffer overflow, via a TI command when an expected non-DMA transfer length is less than the length of the available FIFO data. This occurs in espdonodma in hw/scsi/esp.c because of an underflow of asynclen...

8.8CVSS6.5AI score0.01397EPSS
Exploits1
Rows per page
Query Builder