Security Advisory

CVE-2020-13253

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-05-27 14:09:55

Last updated 2024-08-04 12:11:19

Assigner mitre

State PUBLISHED

Description

sd_wp_addr in hw/sd/sd.c in QEMU 4.2.0 uses an unvalidated address, which leads to an out-of-bounds read during sdhci_write() operations. A guest OS user can crash the QEMU process.

← Browse all CVEs View on cve.org ↗