CVE-2020-13362

In QEMU 5.0.0 and earlier, megasas_lookup_frame in hw/scsi/megasas.c has an out-of-bounds read via a crafted reply_queue_head field from a guest OS user.

Date published : 2020-05-28

http://www.openwall.com/lists/oss-security/2020/05/28/2

https://security.netapp.com/advisory/ntap-20200608-0003/