CVE-2020-17380

A heap-based buffer overflow was found in QEMU through 5.0.0 in the SDHCI device emulation support. It could occur while doing a multi block SDMA transfer via the sdhci_sdma_transfer_multi_blocks() routine in hw/sd/sdhci.c. A guest user or process could use this flaw to crash the QEMU process on the host, resulting in a denial of service condition, or potentially execute arbitrary code with privileges of the QEMU process on the host.
References
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

Information

Published : 2021-01-29 22:15

Updated : 2022-10-13 20:48


NVD link : CVE-2020-17380

Mitre link : CVE-2020-17380


JSON object : View

CWE
CWE-787

Out-of-bounds Write

Advertisement

dedicated server usa

Products Affected

debian

  • debian_linux

qemu

  • qemu