MiracleLinux 7 : qemu-kvm-1.5.3-175.el7.4 (AXSA:2021-1882:03)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-1882:03 advisory. QEMU: ide: atapi: OOB access while processing read commands CVE-2020-29443 Tenable has extracted the preceding description block directly from the MiracleLin...

SUSE CVE-2020-29443

ideatapicmdreplyend in hw/ide/atapi.c in QEMU 5.1.0 allows out-of-bounds read access because a buffer index is not validated...

The vulnerability of the `ide_atapi_cmd_reply_end` function in the QEMU hardware emulation software involves reading data beyond the allowed buffer limits. This allows an attacker to access confidential data and also trigger a service failure.

The vulnerability of the ideatapicmdreplyend function in the QEMU hardware emulation software is related to reading data from within acceptable buffer limits. Exploiting this vulnerability can allow an attacker to access confidential data and also cause service failures...

DEBIAN-CVE-2020-29443

ideatapicmdreplyend in hw/ide/atapi.c in QEMU 5.1.0 allows out-of-bounds read access because a buffer index is not validated...

QEMU 缓冲区错误漏洞

QEMU is a set of simulation processors written by Fabrice Bellard and distributed with source code under the GPL license, widely used on the GNU/Linux platform. An out-of-bounds read access vulnerability exists in ideatapicmdreplyend in hw/ide/atapi.c in QEMU 5.1.0. The vulnerability stems from a...