Lucene search
+L

8 matches found

BDU FSTEC
BDU FSTEC
added 2021/03/15 12:0 a.m.6 views

The vulnerability of the rom_copy function in hw/core/loader.c of the QEMU hardware emulation software allows a perpetrator to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of the romcopy function in hw/core/loader.c of the QEMU hardware emulation software is related to the execution of operations within the acceptable data buffer boundaries. Exploiting this vulnerability can allow a remote attacker to gain access to confidential data, compromise i...

7.3CVSS7.3AI score0.02409EPSS
Exploits0References6Affected Software3
Veracode
Veracode
added 2020/09/21 6:33 a.m.31 views

Arbitrary Code Execution

qemu is vulnerable to arbitrary code execution. The romcopy in hw/core/loader.c does not validate the relationship between two addresses and allows attackers to perform an invalid memory copy operation...

5.6CVSS6.5AI score0.02409EPSS
Exploits0References8Affected Software4
NVD
NVD
added 2020/06/04 4:15 p.m.20 views

CVE-2020-13765

romcopy in hw/core/loader.c in QEMU 4.0 and 4.1.0 does not validate the relationship between two addresses, which allows attackers to trigger an invalid memory copy operation...

6.8CVSS6.1AI score0.02409EPSS
Exploits0References7
Prion
Prion
added 2020/06/04 4:15 p.m.25 views

Design/Logic Flaw

romcopy in hw/core/loader.c in QEMU 4.0 and 4.1.0 does not validate the relationship between two addresses, which allows attackers to trigger an invalid memory copy operation...

6.8CVSS5.2AI score0.02409EPSS
Exploits0References7Affected Software3
UbuntuCve
UbuntuCve
added 2020/06/04 4:15 p.m.30 views

CVE-2020-13765

romcopy in hw/core/loader.c in QEMU 4.0 and 4.1.0 does not validate the relationship between two addresses, which allows attackers to trigger an invalid memory copy operation...

6.8CVSS6.9AI score0.02409EPSS
Exploits0References4
CVE
CVE
added 2020/06/04 3:26 p.m.227 views

CVE-2020-13765

CVE-2020-13765 affects QEMU 4.0 and 4.1.0, where rom_copy() in hw/core/loader.c does not validate the relationship between two addresses, enabling an out-of-bounds memory copy and potentially code execution. Public advisories (e.g., Oracle Linux ELSA entries and MiracleLinux AXSA-2021-1371) indic...

6.8CVSS5.7AI score0.02409EPSS
Exploits0References7Affected Software1
AlpineLinux
AlpineLinux
added 2020/06/04 3:26 p.m.45 views

CVE-2020-13765

romcopy in hw/core/loader.c in QEMU 4.0 and 4.1.0 does not validate the relationship between two addresses, which allows attackers to trigger an invalid memory copy operation...

6.8CVSS6.1AI score0.02409EPSS
Exploits0
Debian CVE
Debian CVE
added 2020/06/04 3:26 p.m.33 views

CVE-2020-13765

romcopy in hw/core/loader.c in QEMU 4.0 and 4.1.0 does not validate the relationship between two addresses, which allows attackers to trigger an invalid memory copy operation...

6.8CVSS7AI score0.02409EPSS
Exploits0
Rows per page
Query Builder