CVE-2020-1711

Name
CVE-2020-1711
Description
An out-of-bounds heap buffer access flaw was found in the way the iSCSI Block driver in QEMU versions 2.12.0 before 4.2.1 handled a response coming from an iSCSI server while checking the status of a Logical Address Block (LBA) in an iscsi_co_block_status() routine. A remote user could use this flaw to crash the QEMU process, resulting in a denial of service or potential execution of arbitrary code with privileges of the QEMU process on the host.
NVD Severity
medium
Other trackers
CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia
Mailing lists
oss-security, full-disclosure, bugtraq
Exploits
Exploit DB, Metasploit
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
Issue Tracking https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1711
Mailing List https://www.openwall.com/lists/oss-security/2020/01/23/3
Mailing List https://lists.gnu.org/archive/html/qemu-devel/2020-01/msg05535.html
Third Party Advisory https://usn.ubuntu.com/4283-1/
Third Party Advisory https://access.redhat.com/errata/RHSA-2020:0669
Third Party Advisory https://access.redhat.com/errata/RHSA-2020:0730
Third Party Advisory https://access.redhat.com/errata/RHSA-2020:0731
Third Party Advisory https://access.redhat.com/errata/RHSA-2020:0773
Third Party Advisory https://lists.debian.org/debian-lts-announce/2020/03/msg00017.html
Third Party Advisory http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00007.html
Third Party Advisory https://security.gentoo.org/glsa/202005-02
MLIST https://lists.debian.org/debian-lts-announce/2020/09/msg00013.html

Match rules

CPE URI Source package Min version Max version
cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:* qemu >= 2.12.0 < 4.2.1

Vulnerable and fixed packages

Source package Branch Version Maintainer Status
qemu 3.10-main 4.0.1-r0 Natanael Copa <ncopa@alpinelinux.org> possibly vulnerable