An off-by-one read/write issue was found in the SDHCI device of QEMU. It occurs when reading/writing the Buffer Data Port Register in sdhci_read_dataport and sdhci_write_dataport, respectively, if data_count == block_size. A malicious guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service condition.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2022-11-07T00:00:00

Updated: 2024-08-03T01:20:58.804Z

Reserved: 2022-11-07T00:00:00

Link: CVE-2022-3872

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Analyzed

Published: 2022-11-07T21:15:09.610

Modified: 2023-02-23T01:35:36.783

Link: CVE-2022-3872

cve-icon Redhat

Severity : Moderate

Publid Date: 2022-11-07T00:00:00Z

Links: CVE-2022-3872 - Bugzilla