QEMU (aka Quick Emulator) built with the NE2000 device emulation support is vulnerable to an OOB r/w access issue. It could occur while performing 'ioport' r/w operations. A privileged (CAP_SYS_RAWIO) user/process could use this flaw to leak or corrupt QEMU memory bytes.
| Product | Vendor | Version |
|---|---|---|
| n/a | n/a | 2008 R2 for Itanium-Based Systems Service Pack 1 |