4 matches found
Qemu: display: cirrus: OOB read access issue
An out-of-bounds access issue was found in QEMU's Cirrus CLGD 54xx VGA Emulator support. The vulnerability could occur while copying VGA data using bitblt functions for example, cirrusbitbltropfwdtransp. A privileged user inside a guest could use this flaw to crash the QEMU process, resulting in...
Qemu: display: cirrus: oob access while doing bitblt copy backward mode
Quick emulator QEMU built with the Cirrus CLGD 54xx VGA emulator support is vulnerable to an out-of-bounds access issue. It could occur while copying VGA data via bitblt copy in backward mode. A privileged user inside a guest could use this flaw to crash the QEMU process resulting in DoS or...
FreeBSD : qemu -- Heap overflow in Cirrus emulation (07bb3bd2-a920-11dd-8503-0211060005df)
Aurelien Jarno reports : CVE-2008-4539: fix a heap overflow in Cirrus emulation The code in hw/cirrusvga.c has changed a lot between CVE-2007-1320 has been announced and the patch has been applied. As a consequence it has wrongly applied and QEMU is still vulnerable to this bug if using VNC...
qemu -- Heap overflow in Cirrus emulation
Aurelien Jarno reports: CVE-2008-4539: fix a heap overflow in Cirrus emulation The code in hw/cirrusvga.c has changed a lot between CVE-2007-1320 has been announced and the patch has been applied. As a consequence it has wrongly applied and QEMU is still vulnerable to this bug if using VNC...