CVE-2020-12829

low
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

In QEMU through 5.0.0, an integer overflow was found in the SM501 display driver implementation. This flaw occurs in the COPY_AREA macro while handling MMIO write operations through the sm501_2d_engine_write() callback. A local attacker could abuse this flaw to crash the QEMU process in sm501_2d_operation() in hw/display/sm501.c on the host, resulting in a denial of service.

References

https://bugzilla.redhat.com/show_bug.cgi?id=1808510

https://usn.ubuntu.com/4467-1/

https://www.debian.org/security/2020/dsa-4760

Details

Source: MITRE

Published: 2020-08-31

Updated: 2020-12-14

Type: CWE-190

Risk Information

CVSS v2

Base Score: 2.1

Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P

Impact Score: 2.9

Exploitability Score: 3.9

Severity: LOW

CVSS v3

Base Score: 3.8

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L

Impact Score: 1.4

Exploitability Score: 2

Severity: LOW

Tenable Plugins

View all (18 total)

IDNameProductFamilySeverity
150537SUSE SLES11 Security Update : kvm (SUSE-SU-2021:14704-1)NessusSuSE Local Security Checks
high
149640openSUSE Security Update : qemu (openSUSE-2021-600)NessusSuSE Local Security Checks
medium
148966SUSE SLES12 Security Update : qemu (SUSE-SU-2021:1305-1)NessusSuSE Local Security Checks
high
148761SUSE SLES12 Security Update : qemu (SUSE-SU-2021:1241-1)NessusSuSE Local Security Checks
high
148758SUSE SLES12 Security Update : qemu (SUSE-SU-2021:1240-1)NessusSuSE Local Security Checks
high
148757SUSE SLES15 Security Update : qemu (SUSE-SU-2021:1244-1)NessusSuSE Local Security Checks
high
148755SUSE SLED15 / SLES15 Security Update : qemu (SUSE-SU-2021:1243-1)NessusSuSE Local Security Checks
medium
148752SUSE SLES15 Security Update : qemu (SUSE-SU-2021:1245-1)NessusSuSE Local Security Checks
high
148751SUSE SLES12 Security Update : qemu (SUSE-SU-2021:1242-1)NessusSuSE Local Security Checks
high
147700EulerOS Virtualization 2.9.0 : qemu (EulerOS-SA-2021-1667)NessusHuawei Local Security Checks
medium
147523EulerOS Virtualization 2.9.1 : qemu (EulerOS-SA-2021-1632)NessusHuawei Local Security Checks
medium
147128EulerOS Virtualization for ARM 64 3.0.6.0 : qemu-kvm (EulerOS-SA-2021-1527)NessusHuawei Local Security Checks
medium
146269Oracle Linux 7 : qemu (ELSA-2021-9034)NessusOracle Linux Local Security Checks
medium
146243EulerOS 2.0 SP9 : qemu (EulerOS-SA-2021-1275)NessusHuawei Local Security Checks
medium
146222EulerOS 2.0 SP9 : qemu (EulerOS-SA-2021-1256)NessusHuawei Local Security Checks
medium
144726EulerOS Virtualization for ARM 64 3.0.2.0 : qemu-kvm (EulerOS-SA-2021-1046)NessusHuawei Local Security Checks
high
140301Debian DSA-4760-1 : qemu - security updateNessusDebian Local Security Checks
medium
139725Ubuntu 16.04 LTS / 18.04 LTS / 20.04 : QEMU vulnerabilities (USN-4467-1)NessusUbuntu Local Security Checks
medium