Back to search
CVE-2017-15289
Published: Oct 16, 2017
Modified: Aug 5, 2024
PUBLISHED
Description
The mode4and5 write functions in hw/display/cirrus_vga.c in Qemu allow local OS guest privileged users to cause a denial of service (out-of-bounds write access and Qemu process crash) via vectors related to dst calculation.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
RHSA-2018:0516
vendor-advisory
x_refsource_REDHAT
RHSA-2017:3473
vendor-advisory
x_refsource_REDHAT
[debian-lts-announce] 20180906 [SECURITY] [DLA 1497-1] qemu security update
mailing-list
x_refsource_MLIST
DSA-4213
vendor-advisory
x_refsource_DEBIAN
101262
vdb-entry
x_refsource_BID
[oss-security] 20171012 CVE-2017-15289 Qemu: cirrus: OOB access issue in mode4and5 write functions
mailing-list
x_refsource_MLIST
https://bugzilla.redhat.com/show_bug.cgi?id=1501290
x_refsource_CONFIRM
RHSA-2017:3470
vendor-advisory
x_refsource_REDHAT
RHSA-2017:3472
vendor-advisory
x_refsource_REDHAT
RHSA-2017:3474
vendor-advisory
x_refsource_REDHAT
USN-3575-1
vendor-advisory
x_refsource_UBUNTU
RHSA-2017:3471
vendor-advisory
x_refsource_REDHAT
RHSA-2017:3368
vendor-advisory
x_refsource_REDHAT
[qemu-devel] 20171011 [PATCH v2] cirrus: fix oob access in mode4and5 write functions
mailing-list
x_refsource_MLIST
RHSA-2017:3466
vendor-advisory
x_refsource_REDHAT
RHSA-2017:3369
vendor-advisory
x_refsource_REDHAT
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now