user/qemu: multiple vulnerabilities
| Bugzilla ID | 272 |
| Alias(es) | CVE-2020-10702, CVE-2020-10717, CVE-2020-10761, CVE-2020-11869, CVE-2020-12829, CVE-2020-13253, CVE-2020-13361, CVE-2020-13362, CVE-2020-13659, CVE-2020-13754, CVE-2020-13791, CVE-2020-13800, CVE-2020-14364, CVE-2020-14415, CVE-2020-15469, CVE-2020-15859, CVE-2020-15863, CVE-2020-16092 |
| Reporter | Max Rees (sroracle) |
| Assignee | Max Rees (sroracle) |
| Reported | 2020-04-24 14:40:33 -0500 |
| Modified | 2020-09-04 16:04:17 -0500 |
| Status | CONFIRMED |
| Version | 1.0-RC1 |
| Hardware | Adélie Linux / All |
| Importance | --- / minor |
| Package(s) | user/qemu |
| URL | https://www.openwall.com/lists/oss-security/2020/04/24/2 |
Description
CVE-2020-11869: https://www.openwall.com/lists/oss-security/2020/04/24/2
An integer overflow flaw was found in QEMU in the way it implemented
the ATI VGA emulation. This flaw occurs in the ati_2d_blt() routine
while handling MMIO write operations through ati_mm_write() callback.
A malicious guest could abuse this flaw to crash the QEMU process,
resulting in a denial of service.
Fixed in >= 5.0.0 https://git.qemu.org/?p=qemu.git;a=commit;h=ac2071c3791b67fc7af78b8ceb320c01ca1b5df7