Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An OOB heap buffer r/w access issue was found in the NVM Express Controller emulation in QEMU. It could occur in nvme_cmb_ops routines in nvme device. A guest user/process could use this flaw to crash the QEMU process resulting in DoS or potentially run arbitrary code with privileges of the QEMU process.
CVSS Information
N/A
Vulnerability Type
跨界内存写
Vulnerability Title
QEMU NVM Express Controller 缓冲区错误漏洞
Vulnerability Description
QEMU是法国程序员法布里斯-贝拉(Fabrice Bellard)所研发的一套模拟处理器软件。NVM Express Controller是其中的一个NVMe(非易失性内存主机控制器接口规范)控制器组件。 QEMU中的NVM Express Controller模拟存在基于堆的缓冲区溢出漏洞。攻击者可利用该漏洞造成拒绝服务(QENU进程崩溃),也可能运行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A