You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
lsi53c895a emulation
About this tag
The lsi53c895a emulation tag covers discussions about the LSI Logic SCSI device emulation in QEMU, particularly a critical vulnerability (CVE-2023-0330) that allows a malicious guest to crash the host via a DMA MMIO reentrancy bug. This flaw can cause stack overflow or use-after-free conditions, leading to host process crashes. The tag is relevant for users running QEMU with lsi53c895a emulation, especially in multi-tenant or untrusted guest environments, where patching and mitigation are essential to maintain availability.
A subtle emulation bug in QEMU’s LSI Logic SCSI device implementation — tracked as CVE‑2023‑0330 — allows a malicious guest to repeatedly trigger DMA operations that re‑enter the MMIO path and ultimately overflow the host process stack, producing a high‑impact availability failure for the host...