---

CVE-2021-3638 - log back

CVE-2021-3638 edited at 10 Jul 2021 19:14:22
Severity	- Unknown + Low
Remote	- Unknown + Local
Type	- Unknown + Denial of service
Description	+ An out-of-bounds memory access security issue was found in the ATI VGA device emulation of QEMU. This flaw occurs in the ati_2d_blt() routine while handling MMIO write operations when the guest provides invalid values for the destination display parameters. A malicious guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service. + + Note: this is similar to CVE-2020-11869, CVE-2020-24352 and CVE-2020-27616.
References	+ https://bugzilla.redhat.com/show_bug.cgi?id=1979858

CVE-2021-3638 created at 10 Jul 2021 19:13:38
Severity	+ Unknown
Remote	+ Unknown
Type	+ Unknown
Description
References
Notes