CVE-2022-3872

HIGH Year: 2022
CVSS v3 Score
8.6
High
Weakness Type
CWE-193
View all →

Vulnerability Description

An off-by-one read/write issue was found in the SDHCI device of QEMU. It occurs when reading/writing the Buffer Data Port Register in sdhci_read_dataport and sdhci_write_dataport, respectively, if data_count == block_size. A malicious guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service condition.

Related Vulnerabilities

CVE-2010-1773

HIGH
CVSS:8.8(High)

Off-by-one error in the toAlphabetic function in rendering/RenderListMarker.cpp in WebCore in WebKit before r59950, as used in Google Chrome before 5.0.375.70, allows remote attackers to obtain sensit...

CWE-1932010

CVE-2018-14682

HIGH
CVSS:8.8(High)

An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. There is an off-by-one error in the TOLOWER() macro for CHM decompression.

CWE-1932018

CVE-2019-18423

HIGH
CVSS:8.8(High)

An issue was discovered in Xen through 4.12.x allowing ARM guest OS users to cause a denial of service via a XENMEM_add_to_physmap hypercall. p2m->max_mapped_gfn is used by the functions p2m_resolve_t...

CWE-1932019

CVE-2020-29040

HIGH
CVSS:8.8(High)

An issue was discovered in Xen through 4.14.x allowing x86 HVM guest OS users to cause a denial of service (stack corruption), cause a data leak, or possibly gain privileges because of an off-by-one e...

CWE-1932020

CVE-2021-21938

HIGH
CVSS:8.8(High)

A heap-based buffer overflow vulnerability exists in the Palette box parser functionality of Accusoft ImageGear 19.10. A specially-crafted file can lead to code execution. An attacker can provide a ma...

CWE-1932021

CVE-2024-32668

HIGH
CVSS:8.2(High)

An insufficient boundary validation in the USB code could lead to an out-of-bounds write on the heap, with data controlled by the caller. A malicious, privileged software running in a guest VM can exp...

CWE-1932024