Showing 1 - 1 of 1

CVE-2024-24474

Status Candidate

Overview

QEMU before 8.2.0 has an integer underflow, and resultant buffer overflow, via a TI command when an expected non-DMA transfer length is less than the length of the available FIFO data. This occurs in esp_do_nodma in hw/scsi/esp.c because of an underflow of async_len.

Related Files

Ubuntu Security Notice USN-6954-1: Posted Aug 13, 2024; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 6954-1 - Markus Frank and Fiona Ebner discovered that QEMU did not properly handle certain memory operations, leading to a NULL pointer dereference. An authenticated user could potentially use this issue to cause a denial of service. Xiao Lei discovered that QEMU did not properly handle certain memory operations when specific features were enabled, which could lead to a stack overflow. An attacker could potentially use this issue to leak sensitive information.; tags | advisory, denial of service, overflow; systems | linux, ubuntu; advisories | CVE-2023-6683, CVE-2023-6693, CVE-2024-24474; SHA-256 | 5c70c34349ef05f8fd57112b4c93197e6bf74e580c97f6d8cc62a176442cefd3; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 292 files
Ubuntu 63 files
LiquidWorm 25 files
Debian 17 files
indoushka 15 files
Apple 10 files
Google Security Research 7 files
Emiliano Febbi 3 files
Chokri Hammedi 3 files
Jann Horn 3 files

File Archives

Systems

AIX (430)
Apple (2,126)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,154)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,599)
HPUX (881)
iOS (393)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,797)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,228)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,963)
UNIX (9,474)
UnixWare (188)
Windows (6,784)
Other

CVE-2024-24474

Overview

Related Files

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems