CVE-2019-3812 log

Source	CVE Red Hat MITRE NVD Debian Ubuntu SUSE Alpine Mageia CVE Details CIRCL Bugs Arch Linux Red Hat Gentoo SUSE GitHub Lists oss-security full-disclosure bugtraq Misc GitHub code web search
Severity	High
Remote	No
Type	Arbitrary code execution
Description	QEMU, through version 2.10 and through version 3.1.0, is vulnerable to an out-of-bounds read of up to 128 bytes in the hw/i2c/i2c-ddc.c:i2c_ddc() function. A local attacker with permission to execute i2c commands could exploit this to read stack memory of the qemu process on the host.

Group	Package	Affected	Fixed	Severity	Status	Ticket
AVG-914	qemu	3.1.0-2	4.0.0-1	High	Fixed

References
https://github.com/qemu/qemu/commit/b05b267840515730dbf6753495d5b7bd8b04ad1c