Vulnerabilities > CVE-2020-25085 - Out-of-bounds Write vulnerability in multiple products

047910
CVSS 5.0 - MEDIUM
Attack vector
LOCAL
Attack complexity
HIGH
Privileges required
HIGH
Confidentiality impact
LOW
Integrity impact
LOW
Availability impact
LOW
local
high complexity
qemu
debian
CWE-787
NVD
Published: 2020-09-25
Updated: 2022-09-23

Summary

QEMU 5.0.0 has a heap-based Buffer Overflow in flatview_read_continue in exec.c because hw/sd/sdhci.c mishandles a write operation in the SDHC_BLKSIZE case.

Vulnerable Configurations

Part Description Count
Application
Qemu
1
OS
Debian
2

Common Weakness Enumeration (CWE)

References