{ "affected": [ { "ranges": [ { "database_specific": { "versions": [ { "introduced": "0" }, { "fixed": "7.1.0" }, { "introduced": "0" }, { "last_affected": "7.1.0-NA" }, { "introduced": "0" }, { "last_affected": "7.1.0-rc0" }, { "introduced": "0" }, { "last_affected": "7.1.0-rc1" }, { "introduced": "0" }, { "last_affected": "7.1.0-rc2" }, { "introduced": "0" }, { "last_affected": "7.1.0-rc3" }, { "introduced": "0" }, { "last_affected": "7.1.0-rc4" } ] }, "events": [ { "introduced": "0" }, { "fixed": "621da7789083b80d6f1ff1c0fb499334007b4f51" }, { "introduced": "0" }, { "last_affected": "621da7789083b80d6f1ff1c0fb499334007b4f51" }, { "introduced": "0" }, { "last_affected": "7b17a1a841fc2336eba53afade9cadb14bd3dd9a" }, { "introduced": "0" }, { "last_affected": "d2656dd577754129f86328f95e6ee4a241913d6f" }, { "introduced": "0" }, { "last_affected": "61b6e67171c602cf6451e4928c9cdcc24c57a485" }, { "introduced": "0" }, { "last_affected": "c7208a6e0d049f9e8af15df908168a79b1f99685" }, { "introduced": "0" }, { "last_affected": "9a99f964b152f8095949bbddca7841744ad418da" } ], "repo": "https://github.com/qemu/qemu", "type": "GIT" } ] } ], "details": "An off-by-one read/write issue was found in the SDHCI device of QEMU. It occurs when reading/writing the Buffer Data Port Register in sdhci_read_dataport and sdhci_write_dataport, respectively, if data_count == block_size. A malicious guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service condition.", "id": "CVE-2022-3872", "modified": "2026-03-13T21:48:05.660154564Z", "published": "2022-11-07T21:15:09.610Z", "references": [ { "type": "ADVISORY", "url": "https://security.netapp.com/advisory/ntap-20221215-0005/" }, { "type": "FIX", "url": "https://lists.nongnu.org/archive/html/qemu-devel/2022-11/msg01068.html" } ], "severity": [ { "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", "type": "CVSS_V3" } ] }