ALAS2-2020-1407 --- qemu ivshmem-toolsID: oval:org.secpod.oval:def:1700515 | Date: (C)2020-11-27 (M)2023-12-20 |
Class: PATCH | Family: unix |
tcp_emu in tcp_subr.c in libslirp 4.1.0, as used in QEMU 4.2.0, mismanages memory, as demonstrated by IRC DCC commands in EMU_IRC. This can cause a heap-based buffer overflow or other out-of-bounds access which can lead to a DoS or potential execute arbitrary code. An out-of-bounds heap buffer access flaw was found in the way the iSCSI Block driver in QEMU versions 2.12.0 before 4.2.1 handled a response coming from an iSCSI server while checking the status of a Logical Address Block in an iscsi_co_block_status routine. A remote user could use this flaw to crash the QEMU process, resulting in a denial of service or potential execution of arbitrary code with privileges of the QEMU process on the host
Product: |
qemu |
ivshmem-tools |