Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The (1) BMDMA and (2) AHCI HBA interfaces in the IDE functionality in QEMU 1.0 through 2.1.3 have multiple interpretations of a function's return value, which allows guest OS users to cause a host OS denial of service (memory consumption or infinite loop, and system crash) via a PRDT with zero complete sectors, related to the bmdma_prepare_buf and ahci_dma_prepare_buf functions.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
QEMU 拒绝服务漏洞
Vulnerability Description
QEMU(又名Quick Emulator)是法国程序员法布里斯-贝拉(Fabrice Bellard)所研发的一套模拟处理器软件。该软件具有速度快、跨平台等特点。 QEMU 1.0版本至2.1.3版本的IDE函数中的BMDMA或AHCI HBA接口存在安全漏洞,该漏洞源于函数的返回值使用多义解释。虚拟机操作系统端攻击者可借助畸形的PRDT数据利用该漏洞造成主机操作系统拒绝服务(内存消耗或无限循环,和系统崩溃)。
CVSS Information
N/A
Vulnerability Type
N/A