QEMU CVE-2020-13253 Out of Bounds Read Vulnerability

description-logoDescription

sd_wp_addr in hw/sd/sd.c in QEMU 4.2.0 uses an unvalidated address, which leads to an out-of-bounds read during sdhci_write() operations. A guest OS user can crash the QEMU process.

affected-products-logoAffected Applications

QEMU

CVE References

CVE-2020-13253