An out-of-bounds memory access flaw was found in the ATI VGA device emulation of QEMU. This flaw occurs in the ati_2d_blt() routine while handling MMIO write operations when the guest provides invalid values for the destination display parameters. A malicious guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service.

| Product | Vendor | Version |
|---|---|---|
| QEMU | n/a | < dd6cb0a8575b00fbd503e96903184125176f4fa3 |
| QEMU | n/a | < 3.50 |
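
The kind of validation that guards a device model against this class of flaw, as an added example (not QEMU's code and not the upstream fix): guest-programmed destination parameters are checked against the VRAM size before any blit is performed. The struct layout, field names and `blt_dst_in_bounds` are hypothetical.

```c
#include <stdbool.h>
#include <stdint.h>

/* Hypothetical destination parameters as a guest might program them via
 * MMIO registers. Names are illustrative assumptions, not QEMU's. */
struct blt_dst {
    uint32_t offset;        /* byte offset of the surface inside VRAM */
    uint32_t pitch;         /* bytes per scanline */
    uint32_t bpp;           /* bits per pixel: 8, 16, 24 or 32 */
    uint32_t x, y;          /* top-left corner, in pixels */
    uint32_t width, height; /* rectangle size, in pixels */
};

/* Return true only if every byte the blit would write lies inside VRAM.
 * Arithmetic is widened to 64 bits and ordered so that guest-chosen
 * 32-bit values cannot wrap and slip past a comparison. */
bool blt_dst_in_bounds(const struct blt_dst *d, uint64_t vram_size)
{
    if (d->bpp != 8 && d->bpp != 16 && d->bpp != 24 && d->bpp != 32)
        return false;
    if (d->width == 0 || d->height == 0 || d->pitch == 0)
        return false;

    /* End of one row in bytes; must not spill past the scanline. */
    uint64_t row_end = ((uint64_t)d->x + d->width) * (d->bpp / 8);
    if (row_end > d->pitch)
        return false;

    /* Reject before multiplying: last_row * pitch could exceed 64 bits. */
    uint64_t last_row = (uint64_t)d->y + d->height - 1;
    if (last_row > vram_size / d->pitch)
        return false;

    /* Bytes left after the full rows; the final row must fit in them. */
    uint64_t remaining = vram_size - last_row * d->pitch;
    return (uint64_t)d->offset + row_end <= remaining;
}
```

A device model would call such a check on the register values before computing any host pointer, and skip the operation when it fails.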