Out-of-bounds Read Affecting qemu package, versions <1:7.2+dfsg-1


0.0
medium

Snyk CVSS

    Attack Complexity Low
    Scope Changed
    Availability High
Expand this section
NVD
6.5 medium
Expand this section
Red Hat
6.5 medium

Do your applications use this vulnerable package?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications
  • Snyk ID SNYK-DEBIANUNSTABLE-QEMU-3148225
  • published 26 Nov 2022
  • disclosed 29 Nov 2022

How to fix?

Upgrade Debian:unstable qemu to version 1:7.2+dfsg-1 or higher.

NVD Description

Note: Versions mentioned in the description apply only to the upstream qemu package and not the qemu package as distributed by Debian:unstable. See How to fix? for Debian:unstable relevant fixed versions and status.

An out-of-bounds read flaw was found in the QXL display device emulation in QEMU. The qxl_phys2virt() function does not check the size of the structure pointed to by the guest physical address, potentially reading past the end of the bar space into adjacent pages. A malicious guest user could use this flaw to crash the QEMU process on the host causing a denial of service condition.