Lucene search

K
cvelistMitreCVELIST:CVE-2020-12829
HistoryAug 31, 2020 - 2:41 p.m.

CVE-2020-12829

2020-08-3114:41:14
mitre
www.cve.org
11
qemu
sm501
integer overflow
denial of service

AI Score

5.3

Confidence

High

EPSS

0

Percentile

5.1%

In QEMU through 5.0.0, an integer overflow was found in the SM501 display driver implementation. This flaw occurs in the COPY_AREA macro while handling MMIO write operations through the sm501_2d_engine_write() callback. A local attacker could abuse this flaw to crash the QEMU process in sm501_2d_operation() in hw/display/sm501.c on the host, resulting in a denial of service.