PT-2017-2974 · Qemu+5 · Qemu+5

Thomas Garnier

Publicado

2017-09-05

Atualizado

2024-06-15

CVE-2017-14167

CVSS v3.1

8.8

Alta

Vetor

AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions QEMU (affected versions not specified)

Description The issue is caused by an integer overflow in the load multiboot function, located in hw/i386/multiboot.c, which is part of the QEMU emulator. This can be exploited by an attacker in the local guest operating system, allowing them to execute arbitrary code on the host operating system. The exploitation is possible through specially crafted multiboot header address values, leading to an out-of-bounds write.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Integer Overflow

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-190

Identificadores relacionados

ALT-PU-2017-2829

BDU:2017-02299

CESA-2017_3368

CVE-2017-14167

DLA-1128-1

DLA-1129-1

DLA-1497-1

DSA-3991-1

OPENSUSE-SU-2017_2938-1

OPENSUSE-SU-2017_2941-1

OPENSUSE-SU-2024:11287-1

RHSA-2017:3368

RHSA-2017:3369

RHSA-2017:3466

RHSA-2017:3470

RHSA-2017:3471

RHSA-2017:3472

RHSA-2017:3473

RHSA-2017:3474

RHSA-2017_3368

SUSE-SU-2017:2924-1

SUSE-SU-2017:2936-1

SUSE-SU-2017:2946-1

SUSE-SU-2017:2963-1

SUSE-SU-2017:2969-1

SUSE-SU-2017:3084-1

USN-3575-1

USN-3575-2

Produtos afetados

Alt Linux

Centos

Qemu

Red Hat

Suse

Ubuntu

PT-2017-2974 · Qemu+5 · Qemu+5

CVE-2017-14167

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 398