iscsi_aio_ioctl_cb in block/iscsi.c in QEMU 4.1.0 has a heap-based buffer over-read that may disclose unrelated information from process memory to an attacker. Rated low severity (CVSS 3.8), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.
Buffer Overflow
Information Disclosure
Qemu
NVD
CVSS 3.1
3.8
EPSS
0.5%