Wind River Support Network

HomeDefectsLIN10-8073
Fixed

LIN10-8073 : Security Advisory - qemu - CVE-2020-11947

Created: Dec 31, 2020    Updated: May 13, 2022
Resolved Date: Jan 17, 2021
Found In Version: 10.17.41.1
Fix Version: 10.17.41.24
Severity: Standard
Applicable for: Wind River Linux LTS 17
Component/s: Userspace

Description

iscsi_aio_ioctl_cb in block/iscsi.c in QEMU 4.1.0 has a heap-based buffer over-read that may disclose unrelated information from process memory to an attacker.

CREATE(Triage):(User=admin) CVE-2020-11947 (https://nvd.nist.gov/vuln/detail/CVE-2020-11947)

CVEs

Live chat
Online
  • Linkedin
  • Facebook
  • Twitter
  • Youtube