Launchpad.net

CVE 2020-13765

rom_copy() in hw/core/loader.c in QEMU 4.0 and 4.1.0 does not validate the relationship between two addresses, which allows attackers to trigger an invalid memory copy operation.

See the CVE page on Mitre.org for more details.