A heap-based buffer overflow was found in the SDHCI device emulation of QEMU. The bug is triggered when both `s->data_count` and the size of `s->fifo_buffer` are set to 0x200, leading to an out-of-bounds access. A malicious guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service condition.
History
Thu, 14 Nov 2024 20:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Thu, 14 Nov 2024 12:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Title | QEMU: sdhci: heap buffer overflow in sdhci_write_dataport() | Qemu: sdhci: heap buffer overflow in sdhci_write_dataport() |
First Time appeared |
Redhat
Redhat advanced Virtualization Redhat enterprise Linux |
|
CPEs | cpe:/a:redhat:advanced_virtualization:8::el8 cpe:/o:redhat:enterprise_linux:6 cpe:/o:redhat:enterprise_linux:7 cpe:/o:redhat:enterprise_linux:8 cpe:/o:redhat:enterprise_linux:9 |
|
Vendors & Products |
Redhat
Redhat advanced Virtualization Redhat enterprise Linux |
|
References |
|
MITRE
Status: PUBLISHED
Assigner: fedora
Published: 2024-11-14T12:10:36.880Z
Updated: 2024-11-14T19:32:53.874Z
Reserved: 2024-04-08T07:52:52.103Z
Link: CVE-2024-3447
Vulnrichment
Updated: 2024-11-14T18:54:23.668Z
NVD
Status: Awaiting Analysis
Published: 2024-11-14T12:15:17.743
Modified: 2024-11-15T13:58:08.913
Link: CVE-2024-3447