hw/pci/pci.c in QEMU 4.2.0 allows guest OS users to trigger an out-of-bounds access by providing an address near the end of the PCI configuration space. CREATE(Triage):(User=admin) [CVE-2020-13791|https://nvd.nist.gov/vuln/detail/CVE-2020-13791]