Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A deadlock issue was found in the AHCI controller device of QEMU. It occurs on a software reset (ahci_reset_port) while handling a host-to-device Register FIS (Frame Information Structure) packet from the guest. A privileged user inside the guest could use this flaw to hang the QEMU process on the host, resulting in a denial of service condition. The highest threat from this vulnerability is to system availability.
CVSS Information
N/A
Vulnerability Type
加锁机制不恰当
Vulnerability Title
QEMU 安全漏洞
Vulnerability Description
QEMU(Quick Emulator)是法国法布里斯-贝拉(Fabrice Bellard)个人开发者的一套模拟处理器软件。该软件具有速度快、跨平台等特点。 QEMU存在安全漏洞,该漏洞源于其AHCI控制器在软件重置(ahci_reset_port)时,同时处理来自客户的主机到设备注册FIS(帧信息结构)报文时发生死锁问题使客户机中的特权用户可以挂起主机上的QEMU进程,从而导致拒绝服务。
CVSS Information
N/A
Vulnerability Type
N/A