22.08.2020 15:31, Philippe Mathieu-Daudé пишет: > On 4/6/20 10:34 PM, BALATON Zoltan wrote: >> In some corner cases (that never happen during normal operation but a >> malicious guest could program wrong values) pixman functions were >> called with parameters that result in a crash. Fix this and add more >> checks to disallow such cases. > > (Fair) question on IRC. Is this patch fixing CVE-2020-24352?
Actually this is CVE-2020-11869. Almost of the same level as CVE-2020-24352, I think, especialy having in mind the experimental state of ati-vga. CVE-2020-24352 is still muddy. /mjt
