公告ID: KYLIN-2019-3812
安全等级: 中等
产品: Kylin V3
发布日期: 2019年2月18日
CVE: CVE-2019-3812
CVSS3评分: 4.4
概述:
None 描述:
QEMU, through version 2.10 and through version 3.1.0, is vulnerable to an out-of-bounds read of up to 128 bytes in the hw/i2c/i2c-ddc.c:i2c_ddc() function. A local attacker with permission to execute i2c commands could exploit this to read stack memory of the qemu process on the host. QEMU, through version 2.10 and through version 3.1.0, is vulnerable to an out-of-bounds read of up to 128 bytes in the hw/i2c/i2c-ddc.c:i2c_ddc() function. A local attacker with permission to execute i2c commands could exploit this to read stack memory of the qemu process on the host. 系统版本:
KYLIN 3.0.x
KYLIN 3.0.x
KYLIN 3.2.x
KYLIN 3.3.x
受影响包列表:
kvm
xen
qemu-kvm
qemu-kvm