|Title:||QEMU <= 4.2.0 Multiple Vulnerabilities|
|Summary:||QEMU is prone to multiple vulnerabilities.|
QEMU is prone to multiple vulnerabilities.
The following vulnerabilities exist:
- address_space_map in exec.c can trigger a NULL pointer dereference related to BounceBuffer. (CVE-2020-13659)
- hw/pci/msix.c allows guest OS users to trigger an out-of-bounds access
via a crafted address in an msi-x mmio operation. (CVE-2020-13754)
- hw/pci/pci.c allows guest OS users to trigger an out-of-bounds access
by providing an address near the end of the PCI configuration space. (CVE-2020-13791)
- ati-vga in hw/display/ati.c allows guest OS users to trigger infinite recursion
via a crafted mm_index value during an ati_mm_read or ati_mm_write call. (CVE-2020-13800)
- There is a use-after-free in hw/net/e1000e_core.c because a guest OS user can trigger an e1000e packet
with the data's address set to the e1000e's MMIO address. (CVE-2020-15859)
QEMU through version 4.2.0.
Update to version 4.2.1 or later.
Common Vulnerability Exposure (CVE) ID: CVE-2020-13659|
Common Vulnerability Exposure (CVE) ID: CVE-2020-13754
Common Vulnerability Exposure (CVE) ID: CVE-2020-13791
Common Vulnerability Exposure (CVE) ID: CVE-2020-13800
Common Vulnerability Exposure (CVE) ID: CVE-2020-15859
|Copyright||Copyright (C) 2020 Greenbone Networks GmbH|
|This is only one of 85075 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.