Your submission was sent successfully! Close

CVE-2020-13362

Published: 28 May 2020

In QEMU 5.0.0 and earlier, megasas_lookup_frame in hw/scsi/megasas.c has an out-of-bounds read via a crafted reply_queue_head field from a guest OS user.

Priority

Low

CVSS 3 base score: 3.2

Status

Package Release Status
qemu
Launchpad, Ubuntu, Debian
bionic
Released (1:2.11+dfsg-1ubuntu7.31)
eoan Ignored
(reached end-of-life)
focal
Released (1:4.2-3ubuntu6.4)
groovy Not vulnerable
(1:5.0-5ubuntu4)
hirsute Not vulnerable
(1:5.0-5ubuntu4)
precise Does not exist

trusty
Released (2.0.0+dfsg-2ubuntu1.47+esm1)
upstream Needed

xenial
Released (1:2.5+dfsg-5ubuntu10.45)
Patches:
upstream: https://lists.gnu.org/archive/html/qemu-devel/2020-05/msg03463.html
upstream: https://git.qemu.org/?p=qemu.git;a=commit;h=f50ab86a2620bd7e8507af865b164655ee921661
upstream: https://git.qemu.org/?p=qemu.git;a=commit;h=fd6918556736ecce8b10acd581ba134ffb62d9f9
upstream: https://git.qemu.org/?p=qemu.git;a=commit;h=2b151297e44655e45c18f57ae0232780ee4ad45a
qemu-kvm
Launchpad, Ubuntu, Debian
bionic Does not exist

eoan Does not exist

focal Does not exist

groovy Does not exist

hirsute Does not exist

precise Ignored
(end of ESM support, was needed)
trusty Does not exist

upstream Needs triage

xenial Does not exist