Quick Emulator (QEMU) before 2.8, when built with Cirrus CLGD 54xx VGA Emulator support, is vulnerable to an out-of-bounds access issue. The issue could occur while copying VGA data in cirrus_bitblt_cputovideo. A privileged user inside the guest could use this flaw to crash the QEMU process or potentially execute arbitrary code on the host with the privileges of the QEMU process.
2018-07-27T19:29:00.330
2024-11-21T03:23:50.890
Modified
CVSSv3.0: 5.5 (MEDIUM)
CVSSv2 vector: AV:N/AC:L/Au:S/C:C/I:C/A:C
8.0
10.0
Type | Vendor | Product | Version/Range | Vulnerable? |
---|---|---|---|---|
Application | qemu | qemu | < 2.8.0 | Yes |
Application | citrix | xenserver | 6.0.2 | Yes |
Application | citrix | xenserver | 6.2.0 | Yes |
Application | citrix | xenserver | 6.5 | Yes |
Application | citrix | xenserver | 7.0 | Yes |
Application | citrix | xenserver | 7.1 | Yes |
Application | redhat | openstack | 5.0 | Yes |
Application | redhat | openstack | 6.0 | Yes |
Application | redhat | openstack | 7.0 | Yes |
Application | redhat | openstack | 8 | Yes |
Application | redhat | openstack | 9 | Yes |
Application | redhat | openstack | 10 | Yes |
Operating System | debian | debian_linux | 7.0 | Yes |
Operating System | redhat | enterprise_linux_desktop | 6.0 | Yes |
Operating System | redhat | enterprise_linux_desktop | 7.0 | Yes |
Operating System | redhat | enterprise_linux_server | 6.0 | Yes |
Operating System | redhat | enterprise_linux_server | 7.0 | Yes |
Operating System | redhat | enterprise_linux_server_aus | 7.3 | Yes |
Operating System | redhat | enterprise_linux_server_aus | 7.4 | Yes |
Operating System | redhat | enterprise_linux_server_eus | 7.3 | Yes |
Operating System | redhat | enterprise_linux_server_eus | 7.4 | Yes |
Operating System | redhat | enterprise_linux_server_eus | 7.5 | Yes |
Operating System | redhat | enterprise_linux_workstation | 6.0 | Yes |
Operating System | redhat | enterprise_linux_workstation | 7.0 | Yes |
Operating System | xen | xen | ≤ 4.7.1 | Yes |
Operating System | xen | xen | 4.7.1 | Yes |