CVE-2017-2615

critical

Description

Quick emulator (QEMU) built with the Cirrus CLGD 54xx VGA emulator support is vulnerable to an out-of-bounds access issue. It could occur while copying VGA data via bitblt copy in backward mode. A privileged user inside a guest could use this flaw to crash the QEMU process resulting in DoS or potentially execute arbitrary code on the host with privileges of QEMU process on the host.

References

https://support.citrix.com/article/CTX220771

https://security.gentoo.org/glsa/201702-28

https://security.gentoo.org/glsa/201702-27

https://lists.gnu.org/archive/html/qemu-devel/2017-02/msg00015.html

https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2615

http://www.securitytracker.com/id/1037804

http://www.securityfocus.com/bid/95990

http://www.openwall.com/lists/oss-security/2017/02/01/6

http://rhn.redhat.com/errata/RHSA-2017-0454.html

http://rhn.redhat.com/errata/RHSA-2017-0396.html

http://rhn.redhat.com/errata/RHSA-2017-0350.html

http://rhn.redhat.com/errata/RHSA-2017-0344.html

http://rhn.redhat.com/errata/RHSA-2017-0334.html

http://rhn.redhat.com/errata/RHSA-2017-0333.html

http://rhn.redhat.com/errata/RHSA-2017-0332.html

http://rhn.redhat.com/errata/RHSA-2017-0331.html

http://rhn.redhat.com/errata/RHSA-2017-0330.html

http://rhn.redhat.com/errata/RHSA-2017-0329.html

http://rhn.redhat.com/errata/RHSA-2017-0328.html

http://rhn.redhat.com/errata/RHSA-2017-0309.html

Details

Source: Mitre, NVD

Published: 2018-07-03

Updated: 2023-02-12

Risk Information

CVSS v2

Base Score: 9

Vector: CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 9.1

Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Severity: Critical