Bugzilla – Bug 1172495
VUL-0: CVE-2020-13800: qemu: ati-vga: infinite recursion in ati_mm_read/write calls may lead to DoS
Last modified: 2020-08-08 10:27:57 UTC
CVE-2020-13800 An infinite recursion issue was found in the ati-vga emulator of the QEMU. It could occur in ati_mm_read/write routines while accessing VGA registers, for certain values of the 'mm_index' variable. A guest user/process may use this flaw to crash the QEMU process resulting in DoS scenario. References: https://lists.gnu.org/archive/html/qemu-devel/2020-06/msg00833.html http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-13800 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13800
Created attachment 838490 [details] CVE-2020-13800-qemu.patch Upstream patch
ATI VGA emulation was introduced in QEMU 4.0. Thus only SUSE:SLE-15-SP2:Update is affected.
Fix now committed upstream as a98610c429d52db0937c1e48659428929835c455
Fix is queued for first SLE15-SP2 maintenance update.
SUSE-SU-2020:2015-1: An update that fixes 5 vulnerabilities is now available. Category: security (important) Bug References: 1172383,1172384,1172386,1172495,1172710 CVE References: CVE-2020-10761,CVE-2020-13361,CVE-2020-13362,CVE-2020-13659,CVE-2020-13800 Sources used: SUSE Linux Enterprise Module for Server Applications 15-SP2 (src): qemu-4.2.1-11.4.4 SUSE Linux Enterprise Module for Basesystem 15-SP2 (src): qemu-4.2.1-11.4.4 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
openSUSE-SU-2020:1108-1: An update that fixes 5 vulnerabilities is now available. Category: security (important) Bug References: 1172383,1172384,1172386,1172495,1172710 CVE References: CVE-2020-10761,CVE-2020-13361,CVE-2020-13362,CVE-2020-13659,CVE-2020-13800 JIRA References: Sources used: openSUSE Leap 15.2 (src): qemu-4.2.1-lp152.9.3.1, qemu-linux-user-4.2.1-lp152.9.3.1, qemu-testsuite-4.2.1-lp152.9.3.1
done