exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 7 of 7 RSS Feed

CVE-2017-7718

Status Candidate

Overview

hw/display/cirrus_vga_rop.h in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (out-of-bounds read and QEMU process crash) via vectors related to copying VGA data via the cirrus_bitblt_rop_fwd_transp_ and cirrus_bitblt_rop_fwd_ functions.

Related Files

Red Hat Security Advisory 2017-1441-01
Posted Jun 14, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-1441-01 - KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Security Fix: A heap buffer overflow flaw was found in QEMU's Cirrus CLGD 54xx VGA emulator's VNC display driver support; the issue could occur when a VNC client attempted to update its display after a VGA operation is performed by a guest. A privileged user/process inside a guest could use this flaw to crash the QEMU process or, potentially, execute arbitrary code on the host with privileges of the QEMU process.

tags | advisory, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2016-9603, CVE-2017-2633, CVE-2017-7718, CVE-2017-7980
SHA-256 | 3ad4644b24e8b2f79fa8d2b135c9f45efcda5f214c0ef67d158a2e9a2e3c9fdf
Red Hat Security Advisory 2017-1431-01
Posted Jun 13, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-1431-01 - KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Security Fix: An out-of-bounds access issue was found in QEMU's Cirrus CLGD 54xx VGA Emulator support. The vulnerability could occur while copying VGA data using bitblt functions. A privileged user inside a guest could use this flaw to crash the QEMU process, resulting in denial of service.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2017-7718
SHA-256 | 929ce65d4b0f5d7e304b55344d092f6059ead134932603c82d068bb4c225a5db
Red Hat Security Advisory 2017-1430-01
Posted Jun 13, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-1430-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm package provides the user-space component for running virtual machines that use KVM. Security Fix: An out-of-bounds r/w access issue was found in QEMU's Cirrus CLGD 54xx VGA Emulator support. The vulnerability could occur while copying VGA data via various bitblt functions. A privileged user inside a guest could use this flaw to crash the QEMU process or, potentially, execute arbitrary code on the host with privileges of the QEMU process.

tags | advisory, arbitrary, kernel
systems | linux, redhat
advisories | CVE-2017-7718, CVE-2017-7980
SHA-256 | d3c6b38c052faf81758299b8bdd59167b91ec5ba65303a095104ff38d31e94f1
Gentoo Linux Security Advisory 201706-03
Posted Jun 6, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201706-3 - Multiple vulnerabilities have been found in QEMU, the worst of which may allow a remote attacker to cause a Denial of Service or gain elevated privileges from a guest VM. Versions less than 2.9.0-r2 are affected.

tags | advisory, remote, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2016-9603, CVE-2017-7377, CVE-2017-7471, CVE-2017-7493, CVE-2017-7718, CVE-2017-7980, CVE-2017-8086, CVE-2017-8112, CVE-2017-8309, CVE-2017-8379, CVE-2017-8380, CVE-2017-9060, CVE-2017-9310, CVE-2017-9330
SHA-256 | 084bb95086af0e33f54d877ff53d4043785b466e5629aaad50cc72dceafea3dc
Ubuntu Security Notice USN-3289-1
Posted May 16, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3289-1 - Li Qiang discovered that QEMU incorrectly handled VirtFS directory sharing. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. Jiangxin discovered that QEMU incorrectly handled the Cirrus VGA device. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. Li Qiang and Jiangxin discovered that QEMU incorrectly handled the Cirrus VGA device when being used with a VNC connection. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code on the host. In the default installation, when QEMU is used with libvirt, attackers would be isolated by the libvirt AppArmor profile. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2017-7377, CVE-2017-7718, CVE-2017-7980, CVE-2017-8086, CVE-2017-8309, CVE-2017-8379
SHA-256 | dde5185a850c3ac4a506f63cc22dbe863cf22505aee84dd81835562d4980c02a
Red Hat Security Advisory 2017-1206-01
Posted May 10, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-1206-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm package provides the user-space component for running virtual machines that use KVM. Security Fix: A heap buffer overflow flaw was found in QEMU's Cirrus CLGD 54xx VGA emulator's VNC display driver support; the issue could occur when a VNC client attempted to update its display after a VGA operation is performed by a guest. A privileged user/process inside a guest could use this flaw to crash the QEMU process or, potentially, execute arbitrary code on the host with privileges of the QEMU process.

tags | advisory, overflow, arbitrary, kernel
systems | linux, redhat
advisories | CVE-2016-9603, CVE-2017-2633, CVE-2017-7718, CVE-2017-7980
SHA-256 | b02b7173440f427f717685ada5dc95c4b660786f94efef1453ce77af5eac1c51
Red Hat Security Advisory 2017-1205-01
Posted May 10, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-1205-01 - KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Security Fix: A heap buffer overflow flaw was found in QEMU's Cirrus CLGD 54xx VGA emulator's VNC display driver support; the issue could occur when a VNC client attempted to update its display after a VGA operation is performed by a guest. A privileged user/process inside a guest could use this flaw to crash the QEMU process or, potentially, execute arbitrary code on the host with privileges of the QEMU process.

tags | advisory, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2016-9603, CVE-2017-2633, CVE-2017-7718, CVE-2017-7980
SHA-256 | 402bb60cbd271f30307359df59a64ca74bc2ac977bcc7313118c66cbb1746a97
Page 1 of 1
Back1Next

File Archive:

April 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    10 Files
  • 2
    Apr 2nd
    26 Files
  • 3
    Apr 3rd
    40 Files
  • 4
    Apr 4th
    6 Files
  • 5
    Apr 5th
    26 Files
  • 6
    Apr 6th
    0 Files
  • 7
    Apr 7th
    0 Files
  • 8
    Apr 8th
    22 Files
  • 9
    Apr 9th
    14 Files
  • 10
    Apr 10th
    10 Files
  • 11
    Apr 11th
    13 Files
  • 12
    Apr 12th
    14 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    0 Files
  • 16
    Apr 16th
    0 Files
  • 17
    Apr 17th
    0 Files
  • 18
    Apr 18th
    0 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close