PT-2018-2473 · Qemu+5 · Qemu+5

Jiang Xin

Publicado

2018-01-23

Atualizado

2020-10-15

CVE-2018-5683

CVSS v3.1

6.0

Média

Vetor

AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions QEMU (affected versions not specified)

Description The issue is related to the vga draw text function in QEMU, which is associated with incorrect input validation. This can lead to a denial of service, causing an out-of-bounds read and a crash of the QEMU process. Local OS guest privileged users can exploit this issue.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

DoS

Out of bounds Read

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-125

Identificadores relacionados

ALT-PU-2018-1226

ALT-PU-2018-1657

BDU:2019-00716

CESA-2018_0816

CESA-2018_2162

CVE-2018-5683

DLA-1497-1

DSA-4213-1

OPENSUSE-SU-2018_0459-1

OPENSUSE-SU-2018_0780-1

RHSA-2018:0816

RHSA-2018:1104

RHSA-2018:1113

RHSA-2018:2162

RHSA-2018_0816

RHSA-2018_2162

SUSE-SU-2018:0438-1

SUSE-SU-2018:0472-1

SUSE-SU-2018:0601-1

SUSE-SU-2018:0609-1

SUSE-SU-2018:0638-1

SUSE-SU-2018:0678-1

SUSE-SU-2018:0762-1

SUSE-SU-2018:0831-1

SUSE-SU-2018:1077-1

SUSE-SU-2018:1308-1

USN-3575-1

USN-3575-2

Produtos afetados

Alt Linux

Centos

Qemu

Red Hat

Suse

Ubuntu

PT-2018-2473 · Qemu+5 · Qemu+5

CVE-2018-5683

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 273