A heap-based buffer overflow was found in the SDHCI device emulation of QEMU. The bug is triggered when both `s->data_count` and the size of `s->fifo_buffer` are set to 0x200, leading to an out-of-bound access. A malicious guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service condition.
History

Thu, 14 Nov 2024 20:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Thu, 14 Nov 2024 12:15:00 +0000

Type Values Removed Values Added
Title QEMU: sdhci: heap buffer overflow in sdhci_write_dataport() Qemu: sdhci: heap buffer overflow in sdhci_write_dataport()
First Time appeared Redhat
Redhat advanced Virtualization
Redhat enterprise Linux
CPEs cpe:/a:redhat:advanced_virtualization:8::el8
cpe:/o:redhat:enterprise_linux:6
cpe:/o:redhat:enterprise_linux:7
cpe:/o:redhat:enterprise_linux:8
cpe:/o:redhat:enterprise_linux:9
Vendors & Products Redhat
Redhat advanced Virtualization
Redhat enterprise Linux
References

cve-icon MITRE

Status: PUBLISHED

Assigner: fedora

Published: 2024-11-14T12:10:36.880Z

Updated: 2024-11-14T19:32:53.874Z

Reserved: 2024-04-08T07:52:52.103Z

Link: CVE-2024-3447

cve-icon Vulnrichment

Updated: 2024-11-14T18:54:23.668Z

cve-icon NVD

Status : Received

Published: 2024-11-14T12:15:17.743

Modified: 2024-11-14T12:15:17.743

Link: CVE-2024-3447

cve-icon Redhat

Severity : Moderate

Publid Date: 2024-04-04T00:00:00Z

Links: CVE-2024-3447 - Bugzilla