Description
A heap-based buffer overflow was found in the SDHCI device emulation of QEMU. The bug is triggered when both `s->data_count` and the size of `s->fifo_buffer` are set to 0x200, leading to an out-of-bound access. A malicious guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service condition.
INFO
Published Date :
2024-11-14T12:10:36.880Z
Last Modified :
2025-11-03T19:29:52.539Z
Source :
fedora
AFFECTED PRODUCTS
The following products are affected by CVE-2024-3447 vulnerability.
| Vendors | Products |
|---|---|
| Netapp |
|
| Qemu |
|
| Redhat |
|
REFERENCES
Here, you will find a curated list of external links that provide in-depth information to CVE-2024-3447.
CVSS Vulnerability Scoring System
Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact