CVE-2020-13253

NameCVE-2020-13253
Descriptionsd_wp_addr in hw/sd/sd.c in QEMU 4.2.0 uses an unvalidated address, which leads to an out-of-bounds read during sdhci_write() operations. A guest OS user can crash the QEMU process.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub code/issues, web search, more)
NVD severitylow
Debian Bugs961297

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
qemu (PTS)jessie1:2.1+dfsg-12+deb8u6vulnerable
jessie (security)1:2.1+dfsg-12+deb8u14vulnerable
stretch1:2.8+dfsg-6+deb9u8vulnerable
stretch (security)1:2.8+dfsg-6+deb9u9vulnerable
buster, buster (security)1:3.1+dfsg-8+deb10u5vulnerable
bullseye, sid1:5.0-5vulnerable

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
qemusource(unstable)(unfixed)961297

Notes

[buster] - qemu <postponed> (Minor issue, can be fixed along in next DSA)
[stretch] - qemu <postponed> (Minor issue, can be fixed along in next DSA)
https://lists.gnu.org/archive/html/qemu-devel/2020-05/msg05835.html
https://www.openwall.com/lists/oss-security/2020/05/27/2
https://bugs.launchpad.net/qemu/+bug/1880822

Search for package or bug name: Reporting problems