CVE-2020-27616
MEDIUMQEMU 4.2.1 - Denial of Service via ati_2d_blt Calculation
Title source: llmDescription
ati_2d_blt in hw/display/ati_2d.c in QEMU 4.2.1 can encounter an outside-limits situation in a calculation. A guest can crash the QEMU process.
References (3)
Core 3
Core References
Mailing List, Patch, Third Party Advisory x_refsource_misc
https://lists.nongnu.org/archive/html/qemu-devel/2020-10/msg05018.html
Mailing List, Patch, Third Party Advisory x_refsource_confirm
http://www.openwall.com/lists/oss-security/2020/11/03/2
Third Party Advisory x_refsource_confirm
https://security.netapp.com/advisory/ntap-20201202-0002/
Scores
CVSS v3
6.5
EPSS
0.0250
EPSS Percentile
82.6%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-682
Status
published
Products (1)
qemu/qemu
4.2.1
Published
Nov 06, 2020
Tracked Since
Feb 18, 2026