CVE-2019-3812 log

Severity High
Remote No
Type Arbitrary code execution
QEMU, through version 2.10 and through version 3.1.0, is vulnerable to an out-of-bounds read of up to 128 bytes in the hw/i2c/i2c-ddc.c:i2c_ddc() function. A local attacker with permission to execute i2c commands could exploit this to read stack memory of the qemu process on the host.
Group Package Affected Fixed Severity Status Ticket
AVG-914 qemu 3.1.0-2 4.0.0-1 High Fixed