Bug 834596 (CVE-2021-3638) - app-emulation/qemu: DoS via guest in ATI VGA emulation
Summary: app-emulation/qemu: DoS via guest in ATI VGA emulation
Status: RESOLVED INVALID
Alias: CVE-2021-3638
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: Normal minor
Assignee: Gentoo Security
URL: https://bugzilla.redhat.com/show_bug....
Whiteboard: B3 [upstream]
Keywords:
Depends on:
Blocks:
 
Reported: 2022-03-05 03:49 UTC by John Helmert III
Modified: 2022-03-05 03:52 UTC

See Also:
Package list:
Runtime testing required: ---


Description John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2022-03-05 03:49:55 UTC
CVE-2021-3638:

An out-of-bounds memory access flaw was found in the ATI VGA device emulation of QEMU. This flaw occurs in the ati_2d_blt() routine while handling MMIO write operations when the guest provides invalid values for the destination display parameters. A malicious guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service.

Only real reference is Red Hat's bug; unmerged patch is here:
https://lists.nongnu.org/archive/html/qemu-devel/2021-09/msg01682.html
Comment 1 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2022-03-05 03:52:43 UTC
.. though, upstream seems to think this isn't a real security bug since ati-vga is clearly experimental.

https://lists.nongnu.org/archive/html/qemu-devel/2021-09/msg02544.html