In QEMU 4.1.0, an out-of-bounds read flaw was found in the ATI VGA implementation. It occurs in the aticursordefine() routine while handling MMIO write operations through the atimmwrite() callback. A malicious guest could abuse this flaw to crash the QEMU process, resulting in a denial of service.
{
"source": "CPE_STRING",
"extracted_events": [
{
"introduced": "0"
},
{
"last_affected": "4.1.0-NA"
}
],
"cpe": "cpe:2.3:a:qemu:qemu:4.1.0:-:*:*:*:*:*:*"
}{
"source": "CPE_STRING",
"extracted_events": [
{
"introduced": "0"
},
{
"last_affected": "4.1.0-NA"
}
],
"cpe": "cpe:2.3:a:qemu:qemu:4.1.0:-:*:*:*:*:*:*"
}