CVE-2020-14415

oss_write in audio/ossaudio.c in QEMU before 5.0.0 mishandles a buffer position.