CVE-2020-13800

Опубликовано: 04 июн. 2020

Источник: debian

EPSS Низкий

Описание

ati-vga in hw/display/ati.c in QEMU 4.2.0 allows guest OS users to trigger infinite recursion via a crafted mm_index value during an ati_mm_read or ati_mm_write call.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
qemu	fixed	1:5.0-6		package
qemu	not-affected		buster	package
qemu	not-affected		stretch	package
qemu	not-affected		jessie	package

Примечания

https://www.openwall.com/lists/oss-security/2020/06/04/2
https://lists.gnu.org/archive/html/qemu-devel/2020-06/msg00833.html
https://git.qemu.org/?p=qemu.git;a=commitdiff;h=a98610c429d52db0937c1e48659428929835c455

EPSS

Процентиль: 29%

0.00104

Низкий

Связанные уязвимости

CVE-2020-13800

CVSS3: 6

ubuntu

больше 5 лет назад

ati-vga in hw/display/ati.c in QEMU 4.2.0 allows guest OS users to trigger infinite recursion via a crafted mm_index value during an ati_mm_read or ati_mm_write call.

CVE-2020-13800

CVSS3: 2.5

redhat

больше 5 лет назад

ati-vga in hw/display/ati.c in QEMU 4.2.0 allows guest OS users to trigger infinite recursion via a crafted mm_index value during an ati_mm_read or ati_mm_write call.

CVE-2020-13800

CVSS3: 6

nvd

больше 5 лет назад

ati-vga in hw/display/ati.c in QEMU 4.2.0 allows guest OS users to trigger infinite recursion via a crafted mm_index value during an ati_mm_read or ati_mm_write call.

CVE-2020-13800

CVSS3: 6

msrc

больше 5 лет назад

ati-vga in hw/display/ati.c in QEMU 4.2.0 allows guest OS users to trigger infinite recursion via a crafted mm_index value during an ati_mm_read or ati_mm_write call.

GHSA-xhj5-rvcv-cccg

CVSS3: 6

github

больше 3 лет назад

ati-vga in hw/display/ati.c in QEMU 4.2.0 allows guest OS users to trigger infinite recursion via a crafted mm_index value during an ati_mm_read or ati_mm_write call.

EPSS

Процентиль: 29%

0.00104

Низкий