Back to search
CVE-2016-9922
Published: Mar 27, 2017
Modified: Aug 6, 2024
PUBLISHED
Description
The cirrus_do_copy function in hw/display/cirrus_vga.c in QEMU (aka Quick Emulator), when cirrus graphics mode is VGA, allows local guest OS privileged users to cause a denial of service (divide-by-zero error and QEMU process crash) via vectors involving blit pitch values.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
[qemu-devel] 20161205 [PULL 4/4] display: cirrus: check vga bits per pixel(bpp) value
mailing-list
x_refsource_MLIST
[debian-lts-announce] 20180906 [SECURITY] [DLA 1497-1] qemu security update
mailing-list
x_refsource_MLIST
RHSA-2017:2392
vendor-advisory
x_refsource_REDHAT
94803
vdb-entry
x_refsource_BID
https://bugzilla.redhat.com/show_bug.cgi?id=1334398
x_refsource_CONFIRM
RHSA-2017:2408
vendor-advisory
x_refsource_REDHAT
[oss-security] 20161209 Re: CVE request Qemu: display: cirrus_vga: a divide by zero in cirrus_do_copy
mailing-list
x_refsource_MLIST
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now