Back to search
CVE-2020-25085
Published: Sep 25, 2020
Modified: Aug 4, 2024
PUBLISHED
Description
QEMU 5.0.0 has a heap-based Buffer Overflow in flatview_read_continue in exec.c because hw/sd/sdhci.c mishandles a write operation in the SDHC_BLKSIZE case.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
https://bugs.launchpad.net/qemu/+bug/1892960
x_refsource_MISC
http://www.openwall.com/lists/oss-security/2020/09/16/6
x_refsource_CONFIRM
https://security.netapp.com/advisory/ntap-20201009-0005/
x_refsource_CONFIRM
[debian-lts-announce] 20201129 [SECURITY] [DLA 2469-1] qemu security update
mailing-list
x_refsource_MLIST
[oss-security] 20210309 CVE-2021-3409 QEMU: sdhci: incomplete fix for CVE-2020-17380/CVE-2020-25085
mailing-list
x_refsource_MLIST
[debian-lts-announce] 20220905 [SECURITY] [DLA 3099-1] qemu security update
mailing-list
x_refsource_MLIST
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now