The vulnerability of the lsi_do_msgin function in the QEMU hardware emulation software, related to reading beyond the data buffer, allows a hacker to trigger a service failure.

The vulnerability of the lsidomsgin function hw/scsi/lsi53c895a.c in the QEMU hardware emulation software is related to reading beyond the buffer data boundary. Exploiting this vulnerability can allow an attacker to cause a service failure due to an invalid value of the msglen variable...

DEBIAN-CVE-2018-18849

In Qemu 3.0.0, lsidomsgin in hw/scsi/lsi53c895a.c allows out-of-bounds access by triggering an invalid msglen value...