Fixed in commit 790762e5487114341cccc5bffcec4cb3c022c3cd. ** Changed in: qemu Status: In Progress => Fix Committed
-- You received this bug notification because you are a member of qemu- devel-ml, which is subscribed to QEMU. https://bugs.launchpad.net/bugs/1880822 Title: CVE-2020-13253 QEMU: sd: OOB access could crash the guest resulting in DoS Status in QEMU: Fix Committed Bug description: An out-of-bounds read access issue was found in the SD Memory Card emulator of the QEMU. It occurs while performing block write commands via sdhci_write(), if a guest user has sent 'address' which is OOB of 's->wp_groups'. A guest user/process may use this flaw to crash the QEMU process resulting in DoS. To manage notifications about this bug go to: https://bugs.launchpad.net/qemu/+bug/1880822/+subscriptions