oss-sec mailing list archives
Re: CVE request Qemu: display: cirrus_vga: a divide by zero in cirrus_do_copy
From: <cve-assign () mitre org>
Date: Fri, 9 Dec 2016 00:13:41 -0500
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
Quick emulator(Qemu) built with the Cirrus CLGD 54xx VGA Emulator support is vulnerable to a divide by zero issue. It could occur while copying VGA data when cirrus graphics mode was set to be VGA. A privileged user inside guest could use this flaw to crash the Qemu process instance on the host, resulting in DoS. https://lists.gnu.org/archive/html/qemu-devel/2016-12/msg00442.html https://bugzilla.redhat.com/show_bug.cgi?id=1334398 http://git.qemu.org/?p=qemu.git;a=commit;h=4299b90e9ba9ce5ca9024572804ba751aa1a7e70
Use CVE-2016-9921 for the "'cirrus_get_bpp' returns zero(0), which could lead to a divide by zero" issue. Use CVE-2016-9922 for the "blit pitch values" issue. - -- CVE Assignment Team M/S M300, 202 Burlington Road, Bedford, MA 01730 USA [ A PGP key is available for encrypted communications at http://cve.mitre.org/cve/request_id.html ] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCAAGBQJYSjxDAAoJEHb/MwWLVhi2KvEP+wd+MdU2D7RZ4WVw/3M+G17C 1D/KdgtB4D8i+Dx5AkCwFBFY85bZxMPCGe4gGxno/3MyzhxIik6AZ0jPOw2yOeI6 jCp2S1gwowMs7jFexlG4nEQy3b+rBbjbGEvL0TSDyIKhvFdi8g+izv5u//49NvRi U1zNoHOzscgSlswSt+M8kYnKUDsfznisqjrCXc0F5cqksB9fcCf7bXWGjh5iAe4b vl0uO+5zQgCafAduS/+EQtDJheW9ussbAoLlJvVAfRQo9Ue7l3iZhyT1ty5gf4AO UH4kFYCuYMrQecbfYbKszS2ZZ4pF5hPXF9iXH+758n5ICyhk4h4q5dxwRtrEe7vC rT9lww4agFnrV9++TiUtB8UyldibNgxidEAsWxnkHS8mHPOB3ClPlHgr0FOekEkp hounmHanE8K/e66J79DESxX2GaFmLi1AbkF4x8ZeYF3I3dyjfEsNFEbPePwYp/1d OBjjebavjtJef22GzQsaqWw9OXnkaqRYCKmH8PatX4msjzLCeBJ4jOKXTSExzFxs KJiWx/5lXOb86VlrjVbTA/kJNxIjNHl3b1hBGz6rTrfkHeRs+W9OHgMBRNL4GHxP 04DmwoQrRIG6fuvhTEjHU87vzf527BoqlAn/EgSzIQWKzkfIqUGiiWypvwVIftfQ r3ilsSTK4Ga5P42dkDYZ =Q5bc -----END PGP SIGNATURE-----
Current thread:
- CVE request Qemu: display: cirrus_vga: a divide by zero in cirrus_do_copy P J P (Dec 07)
- Re: CVE request Qemu: display: cirrus_vga: a divide by zero in cirrus_do_copy Huawei PSIRT (Dec 08)
- Re: CVE request Qemu: display: cirrus_vga: a divide by zero in cirrus_do_copy cve-assign (Dec 08)