Back to search
CVE-2018-7858
Published: Mar 12, 2018
Modified: Aug 5, 2024
PUBLISHED
Description
Quick Emulator (aka QEMU), when built with the Cirrus CLGD 54xx VGA Emulator support, allows local guest OS privileged users to cause a denial of service (out-of-bounds access and QEMU process crash) by leveraging incorrect region calculation when updating VGA display.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
RHSA-2018:2162
vendor-advisory
x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=1553402
x_refsource_CONFIRM
RHSA-2018:1369
vendor-advisory
x_refsource_REDHAT
USN-3649-1
vendor-advisory
x_refsource_UBUNTU
RHSA-2018:1416
vendor-advisory
x_refsource_REDHAT
103350
vdb-entry
x_refsource_BID
[oss-security] 20180309 CVE-2018-7858 Qemu: cirrus: OOB access when updating vga display
mailing-list
x_refsource_MLIST
[qemu-devel] 20180308 [PATCH] vga: fix region calculation
mailing-list
x_refsource_MLIST
openSUSE-SU-2019:1074
vendor-advisory
x_refsource_SUSE
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now