Vulnerability Details : CVE-2020-11869
An integer overflow was found in QEMU 4.0.1 through 4.2.0 in the way it implemented ATI VGA emulation. This flaw occurs in the ati_2d_blt() routine in hw/display/ati-2d.c while handling MMIO write operations through the ati_mm_write() callback. A malicious guest could abuse this flaw to crash the QEMU process, resulting in a denial of service.
Vulnerability category: OverflowDenial of service
Products affected by CVE-2020-11869
- cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2020-11869
0.05%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 14 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2020-11869
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
2.1
|
LOW | AV:L/AC:L/Au:N/C:N/I:N/A:P |
3.9
|
2.9
|
NIST | |
3.3
|
LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L |
1.8
|
1.4
|
NIST |
CWE ids for CVE-2020-11869
-
The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.Assigned by: nvd@nist.gov (Primary)
References for CVE-2020-11869
-
https://usn.ubuntu.com/4372-1/
USN-4372-1: QEMU vulnerabilities | Ubuntu security notices
-
http://www.openwall.com/lists/oss-security/2020/04/24/2
oss-security - CVE-2020-11869 qemu: integer overflow in ati_2d_blt() in hw/display/ati-2d.c could lead to DoSMailing List;Patch;Third Party Advisory
-
https://git.qemu.org/?p=qemu.git;a=commit;h=ac2071c3791b67fc7af78b8ceb320c01ca1b5df7
git.qemu.org Git - qemu.git/commitMailing List;Patch;Vendor Advisory
Jump to