Launchpad.net

CVE 2020-13791

hw/pci/pci.c in QEMU 4.2.0 allows guest OS users to trigger an out-of-bounds access by providing an address near the end of the PCI configuration space.

See the CVE page on Mitre.org for more details.