漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
N/A
Vulnerability Description
An out-of-bounds heap buffer access flaw was found in the way the iSCSI Block driver in QEMU versions 2.12.0 before 4.2.1 handled a response coming from an iSCSI server while checking the status of a Logical Address Block (LBA) in an iscsi_co_block_status() routine. A remote user could use this flaw to crash the QEMU process, resulting in a denial of service or potential execution of arbitrary code with privileges of the QEMU process on the host.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:H
Vulnerability Type
堆缓冲区溢出
Vulnerability Title
QEMU iSCSI Block驱动程序缓冲区错误漏洞
Vulnerability Description
QEMU(Quick Emulator)是法国法布里斯-贝拉(Fabrice Bellard)软件开发者的一套模拟处理器软件。该软件具有速度快、跨平台等特点。 QEMU 4.2.1之前的2.12.0版本中的iSCSI Block驱动程序存在缓冲区错误漏洞。远程攻击者可利用该漏洞造成QEMU进程崩溃,导致拒绝服务或以QEMU进程的权限执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A