VYPR

NVM Express Controller

by QEMU

CVEs (2)

  • CVE-2018-16847HigNov 2, 2018
    risk 0.51cvss 7.8epss 0.01

    An OOB heap buffer r/w access issue was found in the NVM Express Controller emulation in QEMU. It could occur in nvme_cmb_ops routines in nvme device. A guest user/process could use this flaw to crash the QEMU process resulting in DoS or potentially run arbitrary code with…

  • CVE-2021-3929HigAug 25, 2022
    risk 0.00cvss 8.2epss 0.01

    A DMA reentrancy issue was found in the NVM Express Controller (NVME) emulation in QEMU. This CVE is similar to CVE-2021-3750 and, just like it, when the reentrancy write triggers the reset function nvme_ctrl_reset(), data structs will be freed leading to a use-after-free issue.…