Chuhong Yuan

**Name of the Vulnerable Software and Affected Versions** QEMU (affected versions not specified) **Description** A heap-based buffer overflow was found in the SDHCI device emulation of QEMU. The bug is triggered when both `s->data count` and the size of `s->fifo buffer` are set to 0x200, leading to an out-of-bound access. A malicious guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service condition. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** QEMU versions through 8.0.0 **Description** The issue is related to a division by zero in the `scsi disk reset` function in `hw/scsi/scsi-disk.c` due to incorrect block size checking by `scsi disk emulate mode select`. This can cause QEMU and the guest to stop immediately. Exploitation of this issue may allow a remote attacker to cause a denial of service. **Recommendations** For QEMU versions through 8.0.0, as a temporary workaround, consider disabling the `scsi disk reset` function until a patch is available. Restrict access to the `hw/scsi/scsi-disk.c` module to minimize the risk of exploitation. Avoid using a block size of 256 in the `s->qdev.blocksize` variable until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions prior to 5.6 **Description** The issue is related to the go7007 snd init function in the Linux kernel, which does not properly free resources in case of failure, leading to a memory leak. This can potentially allow an attacker to cause a denial of service. **Recommendations** For Linux kernel versions prior to 5.6, update to version 5.6 or later to resolve the issue. As a temporary workaround, consider restricting access to the affected function to minimize the risk of exploitation.