242 matches found
UBUNTU-CVE-2020-27616
ati2dblt in hw/display/ati2d.c in QEMU 4.2.1 can encounter an outside-limits situation in a calculation. A guest can crash the QEMU process...
CVE-2020-27616
An out-of-bounds access flaw was found in the ati-vga emulator of the QEMU. This flaw occurs when the source and destination x y display parameters in ati2dblt have invalid values. This flaw allows a guest user or process to crash the QEMU process, resulting in a denial of service...
An issue was discovered in QEMU through 5.1.0. An out-of-bounds memory access was found in the ATI VGA device implementation. This flaw occurs in the ati_2d_blt() routine in hw/display/ati_2d.c while handling MMIO write operations through the ati_mm_write() callback. A malicious guest could use this flaw to crash the QEMU process on the host resulting in a denial of service.
...
CVE-2020-24352
An issue was discovered in QEMU through 5.1.0. An out-of-bounds memory access was found in the ATI VGA device implementation. This flaw occurs in the ati2dblt routine in hw/display/ati2d.c while handling MMIO write operations through the atimmwrite callback. A malicious guest could use this flaw ...
DEBIAN-CVE-2020-24352
An issue was discovered in QEMU through 5.1.0. An out-of-bounds memory access was found in the ATI VGA device implementation. This flaw occurs in the ati2dblt routine in hw/display/ati2d.c while handling MMIO write operations through the atimmwrite callback. A malicious guest could use this flaw ...
CVE-2020-24352
An issue was discovered in QEMU through 5.1.0. An out-of-bounds memory access was found in the ATI VGA device implementation. This flaw occurs in the ati2dblt routine in hw/display/ati2d.c while handling MMIO write operations through the atimmwrite callback. A malicious guest could use this flaw ...
Out-of-bounds
An issue was discovered in QEMU through 5.1.0. An out-of-bounds memory access was found in the ATI VGA device implementation. This flaw occurs in the ati2dblt routine in hw/display/ati2d.c while handling MMIO write operations through the atimmwrite callback. A malicious guest could use this flaw ...
CVE-2020-24352
An issue was discovered in QEMU through 5.1.0. An out-of-bounds memory access was found in the ATI VGA device implementation. This flaw occurs in the ati2dblt routine in hw/display/ati2d.c while handling MMIO write operations through the atimmwrite callback. A malicious guest could use this flaw ...
UBUNTU-CVE-2020-24352
An issue was discovered in QEMU through 5.1.0. An out-of-bounds memory access was found in the ATI VGA device implementation. This flaw occurs in the ati2dblt routine in hw/display/ati2d.c while handling MMIO write operations through the atimmwrite callback. A malicious guest could use this flaw ...
CVE-2020-24352
An issue was discovered in QEMU through 5.1.0. An out-of-bounds memory access was found in the ATI VGA device implementation. This flaw occurs in the ati2dblt routine in hw/display/ati2d.c while handling MMIO write operations through the atimmwrite callback. A malicious guest could use this flaw ...
CVE-2020-24352
The CVE-2020-24352 issue affects QEMU (up to 5.1.0) and its ATI VGA emulation. The root cause is an out-of-bounds memory access in the ati_2d_blt() routine (hw/display/ati_2d.c) during MMIO writes handled by ati_mm_write(). A malicious guest could trigger this via the ATI VGA device, crashing the...
CVE-2020-24352
An issue was discovered in QEMU through 5.1.0. An out-of-bounds memory access was found in the ATI VGA device implementation. This flaw occurs in the ati2dblt routine in hw/display/ati2d.c while handling MMIO write operations through the atimmwrite callback. A malicious guest could use this flaw ...
CVE-2020-24352
An issue was discovered in QEMU through 5.1.0. An out-of-bounds memory access was found in the ATI VGA device implementation. This flaw occurs in the ati2dblt routine in hw/display/ati2d.c while handling MMIO write operations through the atimmwrite callback. A malicious guest could use this flaw ...
Security update for qemu (important)
openSUSE Security Update: Security update for qemu Announcement ID: openSUSE-SU-2020:1664-1 Rating: important References: 1174386 1174641 1174863 1175370 1175441 1176494 Cross-References: CVE-2020-14364 CVE-2020-15863 CVE-2020-16092 CVE-2020-24352 Affected Products: openSUSE Leap 15.2 An update...
ati-mak.com Cross Site Scripting vulnerability OBB-1271611
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website operator about its existence...
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : QEMU vulnerabilities (USN-4467-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4467-1 advisory. Ziming Zhang and VictorV discovered that the QEMU SLiRP networking implementation incorrectly handled replying to certain ICMP ec...
ati-vga in hw/display/ati.c in QEMU 4.2.0 allows guest OS users to trigger infinite recursion via a crafted mm_index value during an ati_mm_read or ati_mm_write call.
...
CVE-2020-24352
An out-of-bounds memory access flaw was found in the ATI VGA device implementation of the QEMU emulator. This flaw occurs in the ati2dblt routine while handling MMIO write operations through the atimmwrite callback. A malicious guest could use this flaw to crash the QEMU process on the host,...
openSUSE Security Update : qemu (openSUSE-2020-1108)
This update for qemu to version 4.2.1 fixes the following issues : - CVE-2020-10761: Fixed a denial of service in Network Block Device nbd support infrastructure bsc1172710. - CVE-2020-13800: Fixed a denial of service possibility in ati-vga emulation bsc1172495. - CVE-2020-13659: Fixed a NULL...
SUSE SLED15 / SLES15 Security Update : qemu (SUSE-SU-2020:2015-1)
This update for qemu to version 4.2.1 fixes the following issues : CVE-2020-10761: Fixed a denial of service in Network Block Device nbd support infrastructure bsc1172710. CVE-2020-13800: Fixed a denial of service possibility in ati-vga emulation bsc1172495. CVE-2020-13659: Fixed a NULL pointer...