mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-07 19:16:22 +00:00
996 B
996 B
CVE-2020-1711
Description
An out-of-bounds heap buffer access flaw was found in the way the iSCSI Block driver in QEMU versions 2.12.0 before 4.2.1 handled a response coming from an iSCSI server while checking the status of a Logical Address Block (LBA) in an iscsi_co_block_status() routine. A remote user could use this flaw to crash the QEMU process, resulting in a denial of service or potential execution of arbitrary code with privileges of the QEMU process on the host.
POC
Reference
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1711
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1711