CVE-2020-11869
Summary
| CVE | CVE-2020-11869 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2020-04-27 19:15:00 UTC |
| Updated | 2023-11-07 03:15:00 UTC |
| Description | An integer overflow was found in QEMU 4.0.1 through 4.2.0 in the way it implemented ATI VGA emulation. This flaw occurs in the ati_2d_blt() routine in hw/display/ati-2d.c while handling MMIO write operations through the ati_mm_write() callback. A malicious guest could abuse this flaw to crash the QEMU process, resulting in a denial of service. |
Risk And Classification
Problem Types: CWE-190
NVD Known Affected Configurations (CPE 2.3)
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| oss-security - CVE-2020-11869 qemu: integer overflow in ati_2d_blt() in hw/display/ati-2d.c could lead to DoS | MISC | www.openwall.com | Mailing List, Patch, Third Party Advisory |
| git.qemu.org Git - qemu.git/commit | git.qemu.org | ||
| git.qemu.org Git - qemu.git/commit | CONFIRM | git.qemu.org | Mailing List, Patch, Vendor Advisory |
| USN-4372-1: QEMU vulnerabilities | Ubuntu security notices | UBUNTU | usn.ubuntu.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.