Use-after-free vulnerability in hw/ide/ahci.c in QEMU,...
High severity
Unreviewed
Published
May 13, 2022
to the GitHub Advisory Database
•
Updated Feb 10, 2023
Description
Published by the National Vulnerability Database
Apr 12, 2016
Published to the GitHub Advisory Database
May 13, 2022
Last updated
Feb 10, 2023
Use-after-free vulnerability in hw/ide/ahci.c in QEMU, when built with IDE AHCI Emulation support, allows guest OS users to cause a denial of service (instance crash) or possibly execute arbitrary code via an invalid AHCI Native Command Queuing (NCQ) AIO command.
References