An issue exists in QEMU up to and including 5.1.0. An out-of-bounds memory access was found in the ATI VGA device implementation. This flaw occurs in the ati_2d_blt() routine in hw/display/ati_2d.c while handling MMIO write operations through the ati_mm_write() callback. A malicious guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
qemu qemu |
||
qemu qemu 5.0.0 |