lsi53c895a emulation

About this tag
The lsi53c895a emulation tag covers discussions about the LSI Logic SCSI device emulation in QEMU, particularly a critical vulnerability (CVE-2023-0330) that allows a malicious guest to crash the host via a DMA MMIO reentrancy bug. This flaw can cause stack overflow or use-after-free conditions, leading to host process crashes. The tag is relevant for users running QEMU with lsi53c895a emulation, especially in multi-tenant or untrusted guest environments, where patching and mitigation are essential to maintain availability.
  1. CVE-2023-0330: QEMU DMA MMIO Reentrancy Crashes Host

    A subtle emulation bug in QEMU’s LSI Logic SCSI device implementation — tracked as CVE‑2023‑0330 — allows a malicious guest to repeatedly trigger DMA operations that re‑enter the MMIO path and ultimately overflow the host process stack, producing a high‑impact availability failure for the host...