CVE-2024-3447 — Heap-based Buffer Overflow in Qemu

CWE-122 — Heap-based Buffer Overflow9 documents8 sources

Severity

6.0MEDIUMNVD

OSV8.2

EPSS

0.0%

top 96.96%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Qemu

Timeline

PublishedNov 14

Latest updateSep 11

Description

A heap-based buffer overflow was found in the SDHCI device emulation of QEMU. The bug is triggered when both `s->data_count` and the size of `s->fifo_buffer` are set to 0x200, leading to an out-of-bound access. A malicious guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service condition.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:HExploitability: 1.5 | Impact: 4.0

Affected Packages3 packages

▶NVDqemu/qemu8.0.0 — 8.2.3+2

▶Debianqemu/qemu< 1:5.2+dfsg-11+deb11u4+3

▶Ubuntuqemu/qemu< 1:6.2+dfsg-2ubuntu6.27+1

🔴Vulnerability Details

OSV

qemu vulnerabilities↗2025-09-11

▶

CVEList

Qemu: sdhci: heap buffer overflow in sdhci_write_dataport()↗2024-11-14

▶

GHSA

GHSA-mq5w-grf9-5rp9: A heap-based buffer overflow was found in the SDHCI device emulation of QEMU↗2024-11-14

▶

OSV

CVE-2024-3447: A heap-based buffer overflow was found in the SDHCI device emulation of QEMU↗2024-11-14

▶

📋Vendor Advisories

Ubuntu

QEMU vulnerabilities↗2025-09-11

▶

Microsoft

Qemu: sdhci: heap buffer overflow in sdhci_write_dataport()↗2024-11-12

▶

Red Hat

QEMU: sdhci: heap buffer overflow in sdhci_write_dataport()↗2024-04-04

▶

Debian

CVE-2024-3447: qemu - A heap-based buffer overflow was found in the SDHCI device emulation of QEMU. Th...↗2024

▶