rom_copy() in hw/core/loader.c in QEMU 4.1.0 does not validate the relationship between two addresses, which allows attackers to trigger an invalid memory copy operation. CREATE(Triage):(User=admin) CVE-2020-13765 (https://nvd.nist.gov/vuln/detail/CVE-2020-13765)