Security Advisory

CVE-2019-3812

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2019-02-19 14:00:00

Last updated 2024-08-04 19:19:18

Assigner redhat

State PUBLISHED

Description

QEMU, through version 2.10 and through version 3.1.0, is vulnerable to an out-of-bounds read of up to 128 bytes in the hw/i2c/i2c-ddc.c:i2c_ddc() function. A local attacker with permission to execute i2c commands could exploit this to read stack memory of the qemu process on the host.

← Browse all CVEs View on cve.org ↗