Out-of-Bounds Read Vulnerability in QEMU 4.2.0's sd_wp_addr

Out-of-Bounds Read Vulnerability in QEMU 4.2.0's sd_wp_addr

CVE-2020-13253 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

sd_wp_addr in hw/sd/sd.c in QEMU 4.2.0 uses an unvalidated address, which leads to an out-of-bounds read during sdhci_write() operations. A guest OS user can crash the QEMU process.

Learn more about our User Device Pen Test.