VYPR

QEMU

by NetApp

CVEs (2)

  • CVE-2020-17380MedJan 30, 2021
    risk 0.41cvss 6.3epss 0.00

    A heap-based buffer overflow was found in QEMU through 5.0.0 in the SDHCI device emulation support. It could occur while doing a multi block SDMA transfer via the sdhci_sdma_transfer_multi_blocks() routine in hw/sd/sdhci.c. A guest user or process could use this flaw to crash…

  • CVE-2020-25085MedSep 25, 2020
    risk 0.33cvss 5.0epss 0.01

    QEMU 5.0.0 has a heap-based Buffer Overflow in flatview_read_continue in exec.c because hw/sd/sdhci.c mishandles a write operation in the SDHC_BLKSIZE case.