Thomas Huth

2 exploits Active since Jun 2020
CVE-2023-42467 WRITEUP MEDIUM WRITEUP
QEMU < 8.0.0 - Denial of Service via Division by Zero in SCSI Disk Reset
QEMU through 8.0.0 could trigger a division by zero in scsi_disk_reset in hw/scsi/scsi-disk.c because scsi_disk_emulate_mode_select does not prevent s->qdev.blocksize from being 256. This stops QEMU and the guest immediately.
CVSS 5.5
CVE-2020-13765 WRITEUP MEDIUM WRITEUP
QEMU 4.0-4.1.0 - Out-of-bounds Write via Invalid Memory Copy in rom_copy()
rom_copy() in hw/core/loader.c in QEMU 4.0 and 4.1.0 does not validate the relationship between two addresses, which allows attackers to trigger an invalid memory copy operation.
CVSS 5.6