PT-2017-4109 · Qemu+1

Jann Horn

·

Published

2017-02-10

·

Updated

2024-08-05

·

CVE-2017-8284

CVSS v3.1

7.0

High

Vector AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: QEMU versions prior to 2.9.0
Description: The issue is related to the disas_insn function in target/i386/translate.c of the QEMU emulator, which does not limit the instruction size when TCG mode without hardware acceleration is used. This allows local users to gain privileges by creating a modified basic block that injects code into a setuid program. The vendor has stated that this bug does not violate any security guarantees QEMU makes.
Recommendations: For QEMU versions prior to 2.9.0, update to version 2.9.0 or later to resolve the issue. As a temporary workaround, consider restricting the use of the disas_insn function in target/i386/translate.c until a patch is available. Additionally, avoid using TCG mode without hardware acceleration to minimize the risk of exploitation.

Fix

Code Injection


Weakness Enumeration

Related Identifiers

ALT-PU-2017-1521
BDU:2021-03352
CVE-2017-8284

Affected Products

Alt Linux
Qemu