Launchpad.net

CVE 2020-13765

rom_copy() in hw/core/loader.c in QEMU 4.0 and 4.1.0 does not validate the relationship between two addresses, which allows attackers to trigger an invalid memory copy operation.

Related bugs and status

CVE-2020-13765 (Candidate) is related to these bugs:

Bug #1805256: qemu-img hangs on rcu_call_ready_event logic in Aarch64 when converting images

		In	Importance	Status
1805256	qemu-img hangs on rcu_call_ready_event logic in Aarch64 when converting images	QEMU	Undecided	Fix Released
1805256	qemu-img hangs on rcu_call_ready_event logic in Aarch64 when converting images	qemu (Ubuntu)	Medium	Fix Released
1805256	qemu-img hangs on rcu_call_ready_event logic in Aarch64 when converting images	qemu (Ubuntu Focal)	Medium	Fix Released
1805256	qemu-img hangs on rcu_call_ready_event logic in Aarch64 when converting images	qemu (Ubuntu Bionic)	Medium	Fix Released
1805256	qemu-img hangs on rcu_call_ready_event logic in Aarch64 when converting images	qemu (Ubuntu Eoan)	Medium	Fix Released
1805256	qemu-img hangs on rcu_call_ready_event logic in Aarch64 when converting images	kunpeng920	Undecided	Fix Released
1805256	qemu-img hangs on rcu_call_ready_event logic in Aarch64 when converting images	kunpeng920 upstream-kernel	Undecided	Invalid
1805256	qemu-img hangs on rcu_call_ready_event logic in Aarch64 when converting images	kunpeng920 ubuntu-20.04	Undecided	Fix Released
1805256	qemu-img hangs on rcu_call_ready_event logic in Aarch64 when converting images	kunpeng920 ubuntu-19.10	Undecided	Fix Released
1805256	qemu-img hangs on rcu_call_ready_event logic in Aarch64 when converting images	kunpeng920 ubuntu-18.04	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2020-13765

Related bugs and status

Related bugs

References