Fixed here:
https://gitlab.com/qemu-project/qemu/-/commit/cffb446e8fd19a14e1634c
** Changed in: qemu
Status: New => Fix Released
--
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1909418
Title:
This was found by OSS-Fuzz as well. Yankable reproducer:
+CC Phil. I know you mentioned you don't have time to fix many of the
sdhci bugs, but this one seems like a large heap write, and the original
reporter provided some analysis.
On 210107 0307, Muhammad Ramdhan wrote:
> ** Information type ch
** Information type changed from Private Security to Public Security
--
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1909418
Title:
QEMU: Heap Overflow vulnerability in SDHCI Component
Status in QEM
