Skip to content

GitLab

  • Menu
Projects Groups Snippets
    • Loading...
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
    • Contribute to GitLab
  • Sign in / Register
  • Adélie Package Tree Adélie Package Tree
  • Project information
    • Project information
    • Activity
    • Labels
    • Members
  • Repository
    • Repository
    • Files
    • Commits
    • Branches
    • Tags
    • Contributors
    • Graph
    • Compare
  • Issues 309
    • Issues 309
    • List
    • Boards
    • Service Desk
    • Milestones
  • Merge requests 21
    • Merge requests 21
  • CI/CD
    • CI/CD
    • Pipelines
    • Jobs
    • Schedules
  • Deployments
    • Deployments
    • Releases
  • Activity
  • Graph
  • Create a new issue
  • Jobs
  • Commits
  • Issue Boards
Collapse sidebar
  • Adélie Linux
  • Adélie Package TreeAdélie Package Tree
  • Issues
  • #272

Closed
Open
Created Apr 24, 2020 by Emily@emily🤖

user/qemu: multiple vulnerabilities

Bugzilla ID 272
Alias(es) CVE-2020-10702, CVE-2020-10717, CVE-2020-10761, CVE-2020-11869, CVE-2020-12829, CVE-2020-13253, CVE-2020-13361, CVE-2020-13362, CVE-2020-13659, CVE-2020-13754, CVE-2020-13791, CVE-2020-13800, CVE-2020-14364, CVE-2020-14415, CVE-2020-15469, CVE-2020-15859, CVE-2020-15863, CVE-2020-16092
Reporter Max Rees (sroracle)
Assignee Max Rees (sroracle)
Reported 2020-04-24 14:40:33 -0500
Modified 2020-09-04 16:04:17 -0500
Status CONFIRMED
Version 1.0-RC1
Hardware Adélie Linux / All
Importance --- / minor
Package(s) user/qemu
URL https://www.openwall.com/lists/oss-security/2020/04/24/2

Description

CVE-2020-11869: https://www.openwall.com/lists/oss-security/2020/04/24/2

An integer overflow flaw was found in QEMU in the way it implemented
the ATI VGA emulation. This flaw occurs in the ati_2d_blt() routine
while handling MMIO write operations through ati_mm_write() callback.
A malicious guest could abuse this flaw to crash the QEMU process,
resulting in a denial of service.

Fixed in >= 5.0.0 https://git.qemu.org/?p=qemu.git;a=commit;h=ac2071c3791b67fc7af78b8ceb320c01ca1b5df7

Assignee
Assign to
Time tracking