Skip to main content

Out-of-bounds Read


Severity Medium
Score 6.5/10


An out-of-bounds read flaw was found in the QXL display device emulation in QEMU in versions prior to 7.2.0-rc3. The "qxl_phys2virt()" function does not check the size of the structure pointed to by the guest physical address, potentially reading past the end of the bar space into adjacent pages. A malicious guest user could use this flaw to crash the QEMU process on the host causing a denial of service condition.

  • LOW
  • NONE
  • NONE
  • LOW
  • NONE
  • HIGH

CWE-125 - Out-of-Bounds Read

Out-of-bounds read is a vulnerability that allows access to memory beyond the authorized accessible location. Such a vulnerability compromises the confidentiality of the trusted environment in the application and enables an attacker to launch further attacks by leveraging the exposed information.

Advisory Timeline

  • Published