CVE 2020-13253
sd_wp_addr in hw/sd/sd.c in QEMU 4.2.0 uses an unvalidated address, which leads to an out-of-bounds read during sdhci_write() operations. A guest OS user can crash the QEMU process.
Related bugs and status
CVE-2020-13253 (Candidate) is related to these bugs:
Bug #1749393: sbrk() not working under qemu-user with a PIE-compiled binary?
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1749393 | sbrk() not working under qemu-user with a PIE-compiled binary? | QEMU | Undecided | Fix Released | ||
1749393 | sbrk() not working under qemu-user with a PIE-compiled binary? | qemu (Ubuntu) | Undecided | Fix Released | ||
1749393 | sbrk() not working under qemu-user with a PIE-compiled binary? | qemu (Ubuntu Focal) | Medium | Fix Released |
Bug #1805256: qemu-img hangs on rcu_call_ready_event logic in Aarch64 when converting images
Bug #1880822: CVE-2020-13253 QEMU: sd: OOB access could crash the guest resulting in DoS
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1880822 | CVE-2020-13253 QEMU: sd: OOB access could crash the guest resulting in DoS | QEMU | Undecided | Fix Released |
Bug #1887763: new default qemu TCG sizes exceed common CI setups
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1887763 | new default qemu TCG sizes exceed common CI setups | qemu (Ubuntu) | Undecided | Fix Released |
Bug #1897854: groovy qemu-arm-static: /build/qemu-W3R0Rj/qemu-5.0/linux-user/elfload.c:2317: pgb_reserved_va: Assertion `guest_base != 0' failed.
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1897854 | groovy qemu-arm-static: /build/qemu-W3R0Rj/qemu-5.0/linux-user/elfload.c:2317: pgb_reserved_va: Assertion `guest_base != 0' failed. | qemu (Ubuntu) | Undecided | Fix Released | ||
1897854 | groovy qemu-arm-static: /build/qemu-W3R0Rj/qemu-5.0/linux-user/elfload.c:2317: pgb_reserved_va: Assertion `guest_base != 0' failed. | qemu (Ubuntu Groovy) | Undecided | Fix Released |
Bug #1902654: failure to migrate virtual machines with pc-i440fx-wily type to ubuntu 20.04
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1902654 | failure to migrate virtual machines with pc-i440fx-wily type to ubuntu 20.04 | libvirt (Ubuntu) | Undecided | Invalid | ||
1902654 | failure to migrate virtual machines with pc-i440fx-wily type to ubuntu 20.04 | qemu (Ubuntu) | Medium | Fix Released | ||
1902654 | failure to migrate virtual machines with pc-i440fx-wily type to ubuntu 20.04 | qemu (Ubuntu Groovy) | Medium | Fix Released | ||
1902654 | failure to migrate virtual machines with pc-i440fx-wily type to ubuntu 20.04 | qemu (Ubuntu Focal) | Medium | Fix Released |
See the
CVE page on Mitre.org
for more details.