PT-2017-15450 · Qemu+5 · Qemu+5

Published

2017-02-01

Updated

2024-06-15

CVE-2017-2615

CVSS v3.1

9.1

Critical

Vector

AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions QEMU (affected versions not specified)

Description The issue is related to an out-of-bounds access problem in QEMU when built with the Cirrus CLGD 54xx VGA emulator support. This problem can occur while copying VGA data via bitblt copy in backward mode. A privileged user inside a guest could exploit this flaw to crash the QEMU process, resulting in a denial of service (DoS), or potentially execute arbitrary code on the host with the privileges of the QEMU process on the host.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

DoS

Out of bounds Read

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-125CWE-787

Related Identifiers

ALT-PU-2017-1158

ALT-PU-2017-1521

CESA-2017_0309

CESA-2017_0396

CVE-2017-2615

DLA-1497-1

DLA-842-1

DLA-845-1

OPENSUSE-SU-2017_0665-1

OPENSUSE-SU-2017_0707-1

OPENSUSE-SU-2024:11287-1

OPENSUSE-SU-2024:11520-1

RHSA-2017:0309

RHSA-2017:0328

RHSA-2017:0329

RHSA-2017:0330

RHSA-2017:0331

RHSA-2017:0332

RHSA-2017:0333

RHSA-2017:0334

RHSA-2017:0344

RHSA-2017:0350

RHSA-2017:0396

RHSA-2017:0454

RHSA-2017_0309

RHSA-2017_0396

RHSA-2017_0454

SUSE-SU-2017:0570-1

SUSE-SU-2017:0571-1

SUSE-SU-2017:0582-1

SUSE-SU-2017:0625-1

SUSE-SU-2017:0647-1

SUSE-SU-2017:0661-1

SUSE-SU-2017:0718-1

SUSE-SU-2017:1135-1

SUSE-SU-2017:1241-1

SUSE-SU-2017:3084-1

USN-3261-1

Affected Products

Alt Linux

Centos

Qemu

Red Hat

Suse

Ubuntu

PT-2017-15450 · Qemu+5 · Qemu+5

CVE-2017-2615

Weakness Enumeration

Related Identifiers

Affected Products

References · 556