You should be vigilant! (CVE-2020-17380) – 1st Feb 2021

Preface: Mount a drive image emulated as an SD card with qemu-system-x86_64.

qemu-system-x86_64 -smp cores=4 -m 1024 -device sdhci-pci -device sd-card,drive=mydrive -drive id=mydrive,if=none,format=raw,file=image.bin


QEMU Integration with other virtual machines

  • VirtualBox uses some QEMU virtual hardware devices and has a built-in qemudede-based Dynamic re-compiler.Same as KQEMU.
  • Xen HVM has device emulation based on the QEMU project to provide I/O virtualization to the virtual machines.
  • Qemu on FreeBSD as host.It runs under Windows 2000, Windows XP, GNU/Linux (RedHat, Debian) and FreeBSD “host” systems.

QEMU can simulate a variety of hardware devices

  • Android and ARM: QEMU emulates the ARMv7 instruction set using the NEON extension.It simulates the Integrated System / CP board,multi-function backplane.
  • In Android OS because the VM memory page allocation is not continuous,PIPE driver will pass the remote data address
    to QEMU several times.

Design weakness: sdhci – While doing multi block SDMA, transfer block size may exceed the ‘s->fifo_buffer[s->buf_maxsz]’ size.

Impact: Resulting in a denial of service condition, or potentially execute arbitrary code with privileges of the QEMU process on the host.

Vulnerability details: Refer to link –

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.