QwikSec

Security Database

CVE

CWE

Training

CVE-2020-11869

Published: Apr 27, 2020

Modified: Aug 4, 2024

PUBLISHED

Description

An integer overflow was found in QEMU 4.0.1 through 4.2.0 in the way it implemented ATI VGA emulation. This flaw occurs in the ati_2d_blt() routine in hw/display/ati-2d.c while handling MMIO write operations through the ati_mm_write() callback. A malicious guest could abuse this flaw to crash the QEMU process, resulting in a denial of service.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://www.openwall.com/lists/oss-security/2020/04/24/2

x_refsource_MISC

https://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=ac2071c3791b67fc7af78b8ceb320c01ca1b5df7

x_refsource_CONFIRM

vendor-advisory

x_refsource_UBUNTU

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.