CVE-2024-24474 — Classic Buffer Overflow in Qemu
Severity
8.8HIGHNVD
OSV6.5
EPSS
0.6%
top 30.11%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Timeline
PublishedFeb 20
Latest updateAug 13
Description
QEMU before 8.2.0 has an integer underflow, and resultant buffer overflow, via a TI command when an expected non-DMA transfer length is less than the length of the available FIFO data. This occurs in esp_do_nodma in hw/scsi/esp.c because of an underflow of async_len.
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9
Patches
🔴Vulnerability Details
4📋Vendor Advisories
4Microsoft▶
QEMU before 8.2.0 has an integer underflow and resultant buffer overflow via a TI command when an expected non-DMA transfer length is less than the length of the available FIFO data. This occurs in es↗2024-02-13
Debian▶
CVE-2024-24474: qemu - QEMU before 8.2.0 has an integer underflow, and resultant buffer overflow, via a...↗2024