CVE-2020-1711 log
| Source |
|
| Severity | High |
| Remote | No |
| Type | Arbitrary code execution |
| Description | An out-of-bounds heap buffer access flaw was found in the way the iSCSI Block driver in QEMU handled a response coming from an iSCSI server while checking the status of a Logical Address Block (LBA) in an iscsi_co_block_status() routine. A remote user could use this flaw to crash the QEMU process, resulting in a denial of service or potential execution of arbitrary code with privileges of the QEMU process on the host. |
| Group | Package | Affected | Fixed | Severity | Status | Ticket |
|---|---|---|---|---|---|---|
| AVG-1110 | qemu | 4.2.0-2 | 5.0.0-1 | High | Fixed |
| Date | Advisory | Group | Package | Severity | Type |
|---|---|---|---|---|---|
| 07 May 2020 | ASA-202005-6 | AVG-1110 | qemu | High | multiple issues |
| References |
|---|
https://www.openwall.com/lists/oss-security/2020/01/23/3 |