Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Qemu: pvrdma: out-of-bounds read in pvrdma_ring_next_elem_read()
Vulnerability Description
A flaw was found in the QEMU implementation of VMWare's paravirtual RDMA device. This flaw allows a crafted guest driver to allocate and initialize a huge number of page tables to be used as a ring of descriptors for CQ and async events, potentially leading to an out-of-bounds read and crash of QEMU.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H
Vulnerability Type
跨界内存读
Vulnerability Title
QEMU 安全漏洞
Vulnerability Description
QEMU(Quick Emulator)是法国法布里斯-贝拉(Fabrice Bellard)个人开发者的一套模拟处理器软件。该软件具有速度快、跨平台等特点。 QEMU存在安全漏洞,该漏洞源于guest驱动程序会分配和初始化大量页表用作 CQ 和异步事件的描述符环,可能导致越界读取和 QEMU 崩溃。
CVSS Information
N/A
Vulnerability Type
N/A