An out-of-bounds read flaw was found in function ati_cursor_define() in hw/display/ati.c, leading to possible denial of service under certain conditions.
This flaw did not affect the following versions of QEMU as they did not include support for ATI VGA emulation:
* `qemu-kvm-ma` as shipped with Red Hat Enterprise Linux 7.
* `qemu-kvm-rhev` as shipped with Red Hat Virtualization and Red Hat OpenStack.
* `qemu-kvm` as shipped with Red Hat Enterprise Linux 6, 7 and 8.
* `virt:8.2/qemu-kvm` as shipped with RHEL Advanced Virtualization.
ATI VGA emulation feature was introduced in QEMU upstream version 4.0.0.
Created qemu tracking bugs for this issue:
Affects: fedora-all [bug 1841160]
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):