CVE-2020-11947Out-of-bounds Read in Qemu

CWE-125Out-of-bounds ReadCWE-131Incorrect Calculation of Buffer SizeCWE-122Heap-based Buffer Overflow7 documents6 sources
Severity
3.8LOWNVD
EPSS
0.1%
top 83.63%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
QemuDebian Qemu
Timeline
PublishedDec 31
Latest updateMay 24

Description

iscsi_aio_ioctl_cb in block/iscsi.c in QEMU 4.1.0 has a heap-based buffer over-read that may disclose unrelated information from process memory to an attacker.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:NExploitability: 2.0 | Impact: 1.4

Affected Packages4 packages

debiandebian/qemu< qemu 1:4.2-7 (bookworm)
Debianqemu/qemu< 1:4.2-7+3
Ubuntuqemu/qemu< 1:2.5+dfsg-5ubuntu10.49+2
NVDqemu/qemu4.1.0

Patches

Patch: www.openwall.comPatch: www.openwall.com

🔴Vulnerability Details

3
GHSA
GHSA-m8w3-4mqx-j486: iscsi_aio_ioctl_cb in block/iscsi2022-05-24
OSV
qemu vulnerabilities2021-02-08
OSV
CVE-2020-11947: iscsi_aio_ioctl_cb in block/iscsi2020-12-31

📋Vendor Advisories

3
Ubuntu
QEMU vulnerabilities2021-02-08
Red Hat
QEMU: heap buffer overflow in iscsi_aio_ioctl_cb() in block/iscsi.c may lead to information disclosure2020-04-20
Debian
CVE-2020-11947: qemu - iscsi_aio_ioctl_cb in block/iscsi.c in QEMU 4.1.0 has a heap-based buffer over-r...2020