CVE-2019-20808

Published: 13 Sep. 2019
Source: redhat
CVSS3: 2.8
EPSS: Low

Description

In QEMU 4.1.0, an out-of-bounds read flaw was found in the ATI VGA implementation. It occurs in the ati_cursor_define() routine while handling MMIO write operations through the ati_mm_write() callback. A malicious guest could abuse this flaw to crash the QEMU process, resulting in a denial of service.

An out-of-bounds read flaw was found in the ATI VGA implementation of the QEMU emulator. This flaw occurs in the ati_cursor_define() routine while handling MMIO write operations through ati_mm_write() callback. A malicious guest could abuse this flaw to crash the QEMU process, resulting in a denial of service.

Report

This flaw did not affect the following versions of QEMU as they did not include support for ATI VGA emulation:

  • qemu-kvm-ma as shipped with Red Hat Enterprise Linux 7.
  • qemu-kvm-rhev as shipped with Red Hat Virtualization and Red Hat OpenStack.
  • qemu-kvm as shipped with Red Hat Enterprise Linux 6, 7 and 8.
  • virt:8.2/qemu-kvm as shipped with RHEL Advanced Virtualization.

The ATI VGA emulation feature was introduced in QEMU upstream version 4.0.0.

Affected packages

| Platform | Package | State | Recommendation | Release |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | kvm | Out of support scope | | |
| Red Hat Enterprise Linux 5 | xen | Out of support scope | | |
| Red Hat Enterprise Linux 6 | qemu-kvm | Not affected | | |
| Red Hat Enterprise Linux 7 | qemu-kvm | Not affected | | |
| Red Hat Enterprise Linux 7 | qemu-kvm-ma | Not affected | | |
| Red Hat Enterprise Linux 7 | qemu-kvm-rhev | Not affected | | |
| Red Hat Enterprise Linux 8 | virt:rhel/qemu-kvm | Not affected | | |
| Red Hat Enterprise Linux 8 Advanced Virtualization | virt:8.2/qemu-kvm | Not affected | | |
| Red Hat Enterprise Linux 9 | qemu-kvm | Not affected | | |
| Red Hat OpenStack Platform 10 (Newton) | qemu-kvm-rhev | Not affected | | |

Additional information

Status: Low
Defect: CWE-125
https://bugzilla.redhat.com/show_bug.cgi?id=1841136 QEMU: out-of-bounds read in ati_cursor_define() function in hw/display/ati.c leads to DoS

EPSS: 0.00105 (percentile: 30%), Low

CVSS3: 2.8 Low

Related vulnerabilities

CVSS3: 6.5
ubuntu
more than 4 years ago

In QEMU 4.1.0, an out-of-bounds read flaw was found in the ATI VGA implementation. It occurs in the ati_cursor_define() routine while handling MMIO write operations through the ati_mm_write() callback. A malicious guest could abuse this flaw to crash the QEMU process, resulting in a denial of service.

CVSS3: 6.5
nvd
more than 4 years ago

In QEMU 4.1.0, an out-of-bounds read flaw was found in the ATI VGA implementation. It occurs in the ati_cursor_define() routine while handling MMIO write operations through the ati_mm_write() callback. A malicious guest could abuse this flaw to crash the QEMU process, resulting in a denial of service.

CVSS3: 6.5
debian
more than 4 years ago

In QEMU 4.1.0, an out-of-bounds read flaw was found in the ATI VGA imp ...

github
about 3 years ago

In QEMU 4.1.0, an out-of-bounds read flaw was found in the ATI VGA implementation. It occurs in the ati_cursor_define() routine while handling MMIO write operations through the ati_mm_write() callback. A malicious guest could abuse this flaw to crash the QEMU process, resulting in a denial of service.

oracle-oval
more than 4 years ago

ELSA-2021-9109: qemu security update (IMPORTANT)
