QwikSec

Security Database

CVE

CWE

Training

CVE-2018-7550

Published: Mar 1, 2018

Modified: Aug 5, 2024

PUBLISHED

Description

The load_multiboot function in hw/i386/multiboot.c in Quick Emulator (aka QEMU) allows local guest OS users to execute arbitrary code on the QEMU host via a mh_load_end_addr value greater than mh_bss_end_addr, which triggers an out-of-bounds read or write memory access.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

vendor-advisory

[qemu-devel] 20180228 [PATCH] multiboot: check mh_load_end_addr address field

mailing-list

[debian-lts-announce] 20180417 [SECURITY] [DLA 1351-1] qemu security update

mailing-list

vendor-advisory

[debian-lts-announce] 20180906 [SECURITY] [DLA 1497-1] qemu security update

mailing-list

vendor-advisory

[debian-lts-announce] 20180417 [SECURITY] [DLA 1350-1] qemu-kvm security update

mailing-list

vdb-entry

https://bugzilla.redhat.com/show_bug.cgi?id=1549798

vendor-advisory

https://github.com/orangecertcc/security-research/security/advisories/GHSA-f49v-45qp-cv53

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.