Wind River Support Network

HomeDefectsLIN1019-5838
Fixed

LIN1019-5838 : Security Advisory - qemu - CVE-2020-11947

Created: Dec 31, 2020    Updated: May 13, 2022
Resolved Date: Jan 14, 2021
Found In Version: 10.19.45.1
Fix Version: 10.19.45.15
Severity: Standard
Applicable for: Wind River Linux LTS 19
Component/s: Userspace

Description

iscsi_aio_ioctl_cb in block/iscsi.c in QEMU 4.1.0 has a heap-based buffer over-read that may disclose unrelated information from process memory to an attacker.

CREATE(Triage):(User=admin) CVE-2020-11947 (https://nvd.nist.gov/vuln/detail/CVE-2020-11947)

CVEs

Live chat
Online
  • Linkedin
  • Facebook
  • Twitter
  • Youtube