CVE-2020-29443 Information

Description

ide_atapi_cmd_reply_end in hw/ide/atapi.c in QEMU 5.1.0 allows out-of-bounds read access because a buffer index is not validated.

CVSS Vector

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:N/A:L

Reference

https://lists.nongnu.org/archive/html/qemu-devel/2020-11/msg04685.html http://www.openwall.com/lists/oss-security/2021/01/18/2 https://lists.debian.org/debian-lts-announce/2021/02/msg00024.html https://security.netapp.com/advisory/ntap-20210304-0003/

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction Required

HIGH

Scope

NONE

Confidentiality Impact

CHANGED

Integrity Impact

LOW

Availability Impact

NONE

Base Score

LOW

Base Severity

3.9