CVE-2024-24474

Published
View on NVD ↗
CVSS v3
8.8
HIGH
CVSS v2
N/A
Affected
2
PROJECTS

Description

QEMU before 8.2.0 has an integer underflow, and resultant buffer overflow, via a TI command when an expected non-DMA transfer length is less than the length of the available FIFO data. This occurs in esp_do_nodma in hw/scsi/esp.c because of an underflow of async_len.

qemu-project/qemu
qemu-project/qemu
QEMU main repository: Please see https://www.qemu.org/docs/master/devel/submitting-a-patch.html for how to submit changes to QEMU. Pull Requests are ignored. Please only use release tarballs from the QEMU website. http://www.qemu.org
GitLabGitLab
1K
qemu/qemu
qemu/qemu
Official QEMU mirror. Please see https://www.qemu.org/contribute/ for how to submit changes to QEMU. Pull Requests are disabled. Please only use release tarballs from the QEMU website.
GitHubGitHub
13.3K