PT-2017-15456 · Qemu+5 · Qemu+5

Publicado

2014-04-22

Atualizado

2019-10-09

CVE-2017-2633

CVSS v3.1

6.5

Média

Vetor

AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions QEMU versions prior to 1.7.2

Description An out-of-bounds memory access issue was found in the VNC display driver. This flaw could occur while refreshing the VNC display surface area in the vnc refresh server surface function. A user inside a guest could use this flaw to crash the QEMU process.

Recommendations For versions prior to 1.7.2, update to version 1.7.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the VNC display driver to minimize the risk of exploitation.

Correção

Buffer Overflow

Out of bounds Read

Memory Corruption

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-120CWE-125CWE-787

Identificadores relacionados

ALT-PU-2014-1526

CESA-2017_1206

CESA-2017_1856

CVE-2017-2633

RHSA-2017:1205

RHSA-2017:1206

RHSA-2017:1441

RHSA-2017:1856

RHSA-2017_1206

RHSA-2017_1856

SUSE-SU-2017:1080-1

SUSE-SU-2017:1081-1

SUSE-SU-2017:1147-1

SUSE-SU-2017:2969-1

SUSE-SU-2018:0019-1

SUSE-SU-2018:0039-1

USN-3261-1

Produtos afetados

Alt Linux

Centos

Qemu

Red Hat

Suse

Ubuntu

PT-2017-15456 · Qemu+5 · Qemu+5

CVE-2017-2633

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 267