CVE-2020-11869
LOWQEMU 4.0.1-4.2.0 - Denial of Service via ATI VGA MMIO Write Integer Overflow
Title source: llmDescription
An integer overflow was found in QEMU 4.0.1 through 4.2.0 in the way it implemented ATI VGA emulation. This flaw occurs in the ati_2d_blt() routine in hw/display/ati-2d.c while handling MMIO write operations through the ati_mm_write() callback. A malicious guest could abuse this flaw to crash the QEMU process, resulting in a denial of service.
References (3)
Core 3
Core References
Mailing List, Patch, Third Party Advisory x_refsource_misc
http://www.openwall.com/lists/oss-security/2020/04/24/2
Patch x_refsource_confirm
https://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=ac2071c3791b67fc7af78b8ceb320c01ca1b5df7
Vendor Advisory vendor-advisory
x_refsource_ubuntu
https://usn.ubuntu.com/4372-1/
Scores
CVSS v3
3.3
EPSS
0.0009
EPSS Percentile
25.8%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
Details
CWE
CWE-190
Status
published
Products (1)
qemu/qemu
4.0.1 - 4.2.0
Published
Apr 27, 2020
Tracked Since
Feb 18, 2026