Name | CVE-2020-13361 |
Description | In QEMU 5.0.0 and earlier, es1370_transfer_audio in hw/audio/es1370.c does not properly validate the frame count, which allows guest OS users to trigger an out-of-bounds access during an es1370_write() operation. |
Source | CVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more) |
References | DLA-2262-1, DLA-2288-1, DSA-4728-1 |
Debian Bugs | 961888 |
The table below lists information on source packages.
The information below is based on the following data on fixed versions.