---

CVE-2021-4207 - log back

CVE-2021-4207 created at 11 May 2022 08:46:41
Severity	+ High
Remote	+ Unknown
Type	+ Unknown
Description	+ In the QXL display device emulation in QEMU. A double fetch of guest controlled values `cursor->header.width` and `cursor->header.height` can lead to the allocation of a small cursor object followed by a subsequent heap-based buffer overflow.
References	+ https://gitlab.com/qemu-project/qemu/-/commit/9569f5cb + https://starlabs.sg/advisories/22-4207/
Notes