Qemu: display: cirrus: OOB read access issue

An out-of-bounds access issue was found in QEMU's Cirrus CLGD 54xx VGA Emulator support. The vulnerability could occur while copying VGA data using bitblt functions for example, cirrusbitbltropfwdtransp. A privileged user inside a guest could use this flaw to crash the QEMU process, resulting in...

Qemu: display: cirrus: OOB r/w access issues in bitblt routines

An out-of-bounds r/w access issue was found in QEMU's Cirrus CLGD 54xx VGA Emulator support. The vulnerability could occur while copying VGA data via various bitblt functions. A privileged user inside a guest could use this flaw to crash the QEMU process or, potentially, execute arbitrary code on...

Qemu: display: cirrus: potential arbitrary code execution via cirrus_bitblt_cputovideo

Quick emulator QEMU built with the Cirrus CLGD 54xx VGA Emulator support is vulnerable to an out-of-bounds access issue. The issue could occur while copying VGA data in cirrusbitbltcputovideo. A privileged user inside guest could use this flaw to crash the QEMU process OR potentially execute...