Published: 27/02/2017 Updated: 12/02/2023

CVSS v2 Base Score: 2.1 | Impact Score: 2.9 | Exploitability Score: 3.9

CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8

VMScore: 187

Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P

The virgl_cmd_get_capset function in hw/display/virtio-gpu-3d.c in QEMU (aka Quick Emulator) built with Virtio GPU Device emulator support allows local guest OS users to cause a denial of service (out-of-bounds read and process crash) via a VIRTIO_GPU_CMD_GET_CAPSET command with a maximum capabilities size with a value of 0.

Vulnerable Product	Search on Vulmon	Subscribe to Product
qemu qemu

Several security issues were fixed in QEMU ...

Debian Bug report logs - #912655 qemu: CVE-2018-16847: Out-of-bounds r/w buffer access in cmb operations Package: src:qemu; Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Fri, 2 Nov 2018 12:45:02 UTC Severity: importan ...

Debian Bug report logs - #916397 qemu: CVE-2018-16872: usb-mtp: path traversal by host filesystem manipulation in Media Transfer Protocol (MTP) Package: src:qemu; Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Thu, 13 D ...

Debian Bug report logs - #916278 qemu: CVE-2018-19665 Package: src:qemu; Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Wed, 12 Dec 2018 14:12:02 UTC Severity: important Tags: security, upstream Found in version qemu/1 ...

Debian Bug report logs - #849798 qemu: CVE-2016-10028: display: virtio-gpu-3d: OOB access while reading virgl capabilities Package: src:qemu; Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Sat, 31 Dec 2016 06:51:01 UTC ...

The virgl_cmd_get_capset function in hw/display/virtio-gpu-3dc in QEMU (aka Quick Emulator) built with Virtio GPU Device emulator support allows local guest OS users to cause a denial of service (out-of-bounds read and process crash) via a VIRTIO_GPU_CMD_GET_CAPSET command with a maximum capabilities size with a value of 0 ...

CWE-125 https://lists.gnu.org/archive/html/qemu-devel/2016-12/msg01903.html http://www.securitytracker.com/id/1037525 http://www.securityfocus.com/bid/94981 http://www.openwall.com/lists/oss-security/2016/12/22/14 http://www.openwall.com/lists/oss-security/2016/12/20/1 https://security.gentoo.org/glsa/201701-49 http://git.qemu-project.org/?p=qemu.git%3Ba=commit%3Bh=abd7f08b2353f43274b785db8c7224f082ef4d31 https://nvd.nist.gov https://usn.ubuntu.com/3268-1/

CVE-2016-10028

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect