CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
EPSS
Percentile
26.7%
Off-by-one error in the pci_read function in the ACPI PCI hotplug interface
(hw/acpi/pcihp.c) in QEMU allows local guest users to obtain sensitive
information and have other unspecified impact related to a crafted PCI
device that triggers memory corruption.
Author | Note |
---|---|
mdeslaur | introduced in 1.7.x by http://git.qemu.org/?p=qemu.git;a=commit;h=db4728e6fec0364b866d3106125974eedc00e091 |