Lucene search
Veracode Vulnerability DatabaseVERACODE:27069HistorySep 21, 2020 - 6:33 a.m.
Arbitrary Code Execution
2020-09-2106:33:30
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
13
0.005 Low
EPSS
Percentile
77.2%
qemu is vulnerable to arbitrary code execution. The rom_copy() in hw/core/loader.c does not validate the relationship between two addresses and allows attackers to perform an invalid memory copy operation.
References
git.qemu.org/?p=qemu.git;a=commit;h=e423455c4f23a1a828901c78fe6d03b7dde79319
github.com/qemu/qemu/commit/4f1c6cb2f9afafda05eab150fd2bd284edce6676
lists.debian.org/debian-lts-announce/2020/06/msg00032.html
lists.debian.org/debian-lts-announce/2020/07/msg00020.html
security.netapp.com/advisory/ntap-20200619-0006/
usn.ubuntu.com/4467-1/
www.openwall.com/lists/oss-security/2020/06/03/6
Related
alpinelinux
alpinelinux
CVE-2020-13765
2020-06-04 16:15:12
redhatcve
redhatcve
CVE-2020-13765
2020-06-03 19:21:57
cvelist
cvelist
CVE-2020-13765
2020-06-04 15:26:17
openvas
openvas
QEMU <= 4.1.0 Arbitrary Write Vulnerability
2020-07-22 00:00:00
CentOS: Security Advisory for qemu-img (CESA-2021:0347)
2021-02-04 00:00:00
Debian: Security Advisory (DLA-2262-1)
2020-06-30 00:00:00
osv
osv
CVE-2020-13765
2020-06-04 16:15:12
qemu - security update
2020-06-29 00:00:00
qemu - security update
2020-07-19 00:00:00
prion
prion
Design/Logic Flaw
2020-06-04 16:15:00
debiancve
debiancve
CVE-2020-13765
2020-06-04 16:15:12
nvd
nvd
CVE-2020-13765
2020-06-04 16:15:12
ubuntucve
ubuntucve
CVE-2020-13765
2020-06-04 00:00:00
cve
cve
CVE-2020-13765
2020-06-04 16:15:12
nessus
nessus
RHEL 7 : qemu-kvm (RHSA-2021:0347)
2021-02-03 00:00:00
Oracle Linux 7 : qemu-kvm (ELSA-2021-0347)
2021-02-03 00:00:00
Amazon Linux AMI : qemu-kvm (ALAS-2021-1488)
2021-03-20 00:00:00
oraclelinux
oraclelinux
qemu-kvm security and bug fix update
2021-02-03 00:00:00
qemu security update
2021-02-08 00:00:00
centos
centos
qemu security update
2021-02-04 01:05:06
amazon
amazon
Medium: qemu-kvm
2021-03-18 17:30:00
Medium: qemu
2021-03-18 01:13:00
redhat
redhat
(RHSA-2021:0347) Moderate: qemu-kvm security and bug fix update
2021-02-02 09:29:16
debian
debian
[SECURITY] [DLA 2262-1] qemu security update
2020-06-29 20:49:03
[SECURITY] [DLA 2288-1] qemu security update
2020-07-26 11:51:28
ubuntu
ubuntu
QEMU vulnerabilities
2020-08-19 00:00:00