sd_wp_addr in hw/sd/sd.c in QEMU 4.2.0 uses an unvalidated address, which leads to an out-of-bounds read during sdhci_write() operations. A guest OS user can crash the QEMU process. An out-of-bounds read-access flaw was found in the SD Memory Card emulator of the QEMU. This flaw occurs while performing block write commands via sdhci_write(), if a guest user has sent an 'address' which is out-of-bounds of 's->wp_groups'. A guest user or process may use this flaw to crash the QEMU process resulting in a denial of service.
With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.
– Scott Cheney, Manager of Information Security, Sierra View Medical Center