Jiang Xin

**Name of the Vulnerable Software and Affected Versions** QEMU (affected versions not specified) **Description** The issue is related to the `vga draw text` function in QEMU, which is associated with incorrect input validation. This can lead to a denial of service, causing an out-of-bounds read and a crash of the QEMU process. Local OS guest privileged users can exploit this issue. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** QEMU (affected versions not specified) **Description** The issue is related to the `sdhci sdma transfer multi blocks` function in `hw/sd/sdhci.c`, which allows local OS guest privileged users to cause a denial of service. This can be achieved via vectors involving the transfer mode register during multi-block transfer, resulting in an infinite loop and QEMU process crash. The problem is associated with incorrect system resource management. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** QEMU (affected versions not specified) **Description** The issue is related to a memory leak in the `sdhci sdma transfer multi blocks` function in `hw/sd/sdhci.c` of the QEMU emulator. This can be exploited by a local attacker to cause a denial of service or execute arbitrary code on the QEMU host. The exploitation involves vectors related to the data transfer length, potentially leading to out-of-bounds heap access and crash. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.