Denial Of Service (DoS)

2023-03-1306:33:54

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

qemu

vulnerability

acpi

erst

dos

attack

0.001 Low

EPSS

Percentile

19.0%

JSON

qemu is vulnerable to Denial Of Service (DoS). The vulnerability exists due to the integer overflow and buffer overflow in the read_erst_record and write_erst_record functions of ACPI Error Record Serialization Table (ERST) device, allowing an attacker to cause an application crash

CPENameOperatorVersion
qemu:sideq1:5.1+dfsg-4+b2
qemu:sideq1:5.1+dfsg-4+b1
qemu:sideq1:5.1+dfsg-4
qemu:bookwormeq1:6.1+dfsg-6
qemu:sideq1:5.1+dfsg-4+b2
qemu:sideq1:5.1+dfsg-4+b1
qemu:sideq1:5.1+dfsg-4
qemu:bookwormeq1:6.1+dfsg-6

Name	Operator	Version
qemu:sid	eq	1:5.1+dfsg-4+b2
qemu:sid	eq	1:5.1+dfsg-4+b1
qemu:sid	eq	1:5.1+dfsg-4
qemu:bookworm	eq	1:6.1+dfsg-6
qemu:sid	eq	1:5.1+dfsg-4+b2
qemu:sid	eq	1:5.1+dfsg-4+b1
qemu:sid	eq	1:5.1+dfsg-4
qemu:bookworm	eq	1:6.1+dfsg-6