Yonghua Huang

3 exploits Active since Nov 2019
CVE-2019-18844 WRITEUP HIGH WRITEUP
ACRN <2019w25.5-140000p - DoS
The Device Model in ACRN before 2019w25.5-140000p relies on assert calls in devicemodel/hw/pci/core.c and devicemodel/include/pci_core.h (instead of other mechanisms for propagating error information or diagnostic information), which might allow attackers to cause a denial of service (assertion failure) within pci core. This is fixed in 1.2. 6199e653418e is a mitigation for pre-1.1 versions, whereas 2b3dedfb9ba1 is a mitigation for 1.1.
CVSS 7.5
CVE-2021-36143 WRITEUP HIGH WRITEUP
ACRN <2.5 - Null Pointer Dereference
ACRN before 2.5 has a hw/pci/virtio/virtio.c vq_endchains NULL Pointer Dereference.
CVSS 7.5
CVE-2021-36148 WRITEUP HIGH WRITEUP
ACRN <2.5 - Buffer Overflow
An issue was discovered in ACRN before 2.5. dmar_free_irte in hypervisor/arch/x86/vtd.c allows an irte_alloc_bitmap buffer overflow.
CVSS 7.8