Bug 834596 (CVE-2021-3638)

Summary: app-emulation/qemu: DoS via guest in ATI VGA emulation
Product: Gentoo Security
Reporter: John Helmert III <ajak>
Component: Vulnerabilities
Assignee: Gentoo Security <security>
Status: RESOLVED INVALID
Severity: minor
CC: ajak, tamiko, virtualization, zlogene
Priority: Normal
Version: unspecified
Hardware: All
OS: Linux
URL: https://bugzilla.redhat.com/show_bug.cgi?id=1979858
Whiteboard: B3 [upstream]
Package list:
Runtime testing required: ---

Description John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2022-03-05 03:49:55 UTC
CVE-2021-3638:

An out-of-bounds memory access flaw was found in the ATI VGA device emulation of QEMU. This flaw occurs in the ati_2d_blt() routine while handling MMIO write operations when the guest provides invalid values for the destination display parameters. A malicious guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service.

Only real reference is Red Hat's bug; unmerged patch is here:
https://lists.nongnu.org/archive/html/qemu-devel/2021-09/msg01682.html

Comment 1 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2022-03-05 03:52:43 UTC
.. though, upstream seems to think this isn't a real security bug since ati-vga is clearly experimental.

https://lists.nongnu.org/archive/html/qemu-devel/2021-09/msg02544.html