CVE-2017-7718
20.04.2017, 17:59
hw/display/cirrus_vga_rop.h in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (out-of-bounds read and QEMU process crash) via vectors related to copying VGA data via the cirrus_bitblt_rop_fwd_transp_ and cirrus_bitblt_rop_fwd_ functions.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| qemu | qemu | 𝑥 ≤ 2.8.1.1 |
| qemu | qemu | 2.9.0:rc0 |
| debian | debian_linux | 8.0 |
𝑥
= Vulnerable software versions
Debian Releases
Ubuntu Releases
Ubuntu Product | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| qemu |
| ||||||||||||||||||||||||||
| qemu-kvm |
|
openSUSE / SLES Releases
openSUSE Product | |||||||||
|---|---|---|---|---|---|---|---|---|---|
| qemu |
| ||||||||
| qemu-arm |
| ||||||||
| qemu-block-curl |
| ||||||||
| qemu-block-rbd |
| ||||||||
| qemu-block-ssh |
| ||||||||
| qemu-guest-agent |
| ||||||||
| qemu-ipxe |
| ||||||||
| qemu-kvm |
| ||||||||
| qemu-lang |
| ||||||||
| qemu-ppc |
| ||||||||
| qemu-s390 |
| ||||||||
| qemu-seabios |
| ||||||||
| qemu-sgabios-8 |
| ||||||||
| qemu-tools |
| ||||||||
| qemu-vgabios |
| ||||||||
| qemu-x86 |
|
Red Hat Enterprise Linux Releases
Red Hat Product | |||||
|---|---|---|---|---|---|
| qemu-guest-agent |
| ||||
| qemu-img |
| ||||
| qemu-kvm |
| ||||
| qemu-kvm-common |
| ||||
| qemu-kvm-tools |
|
Common Weakness Enumeration
References