ALT-PU-2017-1158-1
Closed vulnerabilities
Published: 2018-07-03
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2017-2615
Quick emulator (QEMU) built with the Cirrus CLGD 54xx VGA emulator support is vulnerable to an out-of-bounds access issue. It could occur while copying VGA data via bitblt copy in backward mode. A privileged user inside a guest could use this flaw to crash the QEMU process resulting in DoS or potentially execute arbitrary code on the host with privileges of QEMU process on the host.
Severity: CRITICAL (9.1)
Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
References:
- RHSA-2017:0309
- RHSA-2017:0309
- RHSA-2017:0328
- RHSA-2017:0328
- RHSA-2017:0329
- RHSA-2017:0329
- RHSA-2017:0330
- RHSA-2017:0330
- RHSA-2017:0331
- RHSA-2017:0331
- RHSA-2017:0332
- RHSA-2017:0332
- RHSA-2017:0333
- RHSA-2017:0333
- RHSA-2017:0334
- RHSA-2017:0334
- RHSA-2017:0344
- RHSA-2017:0344
- RHSA-2017:0350
- RHSA-2017:0350
- RHSA-2017:0396
- RHSA-2017:0396
- RHSA-2017:0454
- RHSA-2017:0454
- [oss-security] 20170201 CVE-2017-2615 Qemu: display: cirrus: oob access while doing bitblt copy backward mode
- [oss-security] 20170201 CVE-2017-2615 Qemu: display: cirrus: oob access while doing bitblt copy backward mode
- 95990
- 95990
- 1037804
- 1037804
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2615
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2615
- [debian-lts-announce] 20180906 [SECURITY] [DLA 1497-1] qemu security update
- [debian-lts-announce] 20180906 [SECURITY] [DLA 1497-1] qemu security update
- [qemu-devel] 20170201 [PATCH v3] cirrus: fix oob access issue (CVE-2017-2615)
- [qemu-devel] 20170201 [PATCH v3] cirrus: fix oob access issue (CVE-2017-2615)
- GLSA-201702-27
- GLSA-201702-27
- GLSA-201702-28
- GLSA-201702-28
- https://support.citrix.com/article/CTX220771
- https://support.citrix.com/article/CTX220771