ide_atapi_cmd_reply_end in hw/ide/atapi.c in QEMU 5.1.0...
Moderate severity
Unreviewed
Published
May 24, 2022
to the GitHub Advisory Database
•
Updated Feb 3, 2023
Description
Published by the National Vulnerability Database
Jan 26, 2021
Published to the GitHub Advisory Database
May 24, 2022
Last updated
Feb 3, 2023
ide_atapi_cmd_reply_end in hw/ide/atapi.c in QEMU 5.1.0 allows out-of-bounds read access because a buffer index is not validated.
References