Vulmon Recent Vulnerabilities Product List Research Posts Trends Blog About Contact
6
CVSSv3

CVE-2017-15289

Published: 16/10/2017 Updated: 10/11/2020
CVSS v2 Base Score: 2.1 | Impact Score: 2.9 | Exploitability Score: 3.9
CVSS v3 Base Score: 6 | Impact Score: 4 | Exploitability Score: 1.5
VMScore: 187
Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Summary

The mode4and5 write functions in hw/display/cirrus_vga.c in Qemu allow local OS guest privileged users to cause a denial of service (out-of-bounds write access and Qemu process crash) via vectors related to dst calculation.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

qemu qemu

Vendor Advisories

Ubuntu Security Notice: qemu regression
USN-3575-1 introduced a regression in QEMU ...
Ubuntu Security Notice: qemu vulnerabilities
Several security issues were fixed in QEMU ...
Debian Security Advisories: DSA-4213-1 qemu -- security update
Several vulnerabilities were discovered in qemu, a fast processor emulator CVE-2017-15038 Tuomas Tynkkynen discovered an information leak in 9pfs CVE-2017-15119 Eric Blake discovered that the NBD server insufficiently restricts large option requests, resulting in denial of service CVE-2017-15124 Daniel Berrange discovered that t ...
Red Hat: Moderate: qemu-kvm security update
Synopsis Moderate: qemu-kvm security update Type/Severity Security Advisory: Moderate Topic An update for qemu-kvm is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS) base score, ...
Red Hat: Moderate: qemu-kvm-rhev security and bug fix update
Synopsis Moderate: qemu-kvm-rhev security and bug fix update Type/Severity Security Advisory: Moderate Topic An update for qemu-kvm-rhev is now available for Red Hat OpenStack Platform 100 (Newton)Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerabilit ...
Red Hat: Moderate: qemu-kvm-rhev security and bug fix update
Synopsis Moderate: qemu-kvm-rhev security and bug fix update Type/Severity Security Advisory: Moderate Topic An update for qemu-kvm-rhev is now available for Red Hat OpenStack Platform 110 (Ocata)Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability ...
Red Hat: Moderate: qemu-kvm-rhev security and bug fix update
Synopsis Moderate: qemu-kvm-rhev security and bug fix update Type/Severity Security Advisory: Moderate Topic An update for qemu-kvm-rhev is now available for Red Hat OpenStack Platform 80 (Liberty)Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerabilit ...
Red Hat: Moderate: qemu-kvm-rhev security and bug fix update
Synopsis Moderate: qemu-kvm-rhev security and bug fix update Type/Severity Security Advisory: Moderate Topic An update for qemu-kvm-rhev is now available for Red Hat OpenStack Platform 90 (Mitaka)Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability ...
Red Hat: Moderate: qemu-kvm-rhev security update
Synopsis Moderate: qemu-kvm-rhev security update Type/Severity Security Advisory: Moderate Topic An update for qemu-kvm-rhev is now available for Red Hat Enterprise Linux OpenStack Platform 60 (Juno) for RHEL 7Red Hat Product Security has rated this update as having a security impact of Moderate A Common ...
Red Hat: Moderate: qemu-kvm-rhev security update
Synopsis Moderate: qemu-kvm-rhev security update Type/Severity Security Advisory: Moderate Topic An update for qemu-kvm-rhev is now available for Red Hat Enterprise Linux OpenStack Platform 70 (Kilo) for RHEL 7Red Hat Product Security has rated this update as having a security impact of Moderate A Common ...
Red Hat: Moderate: qemu-kvm-rhev security and bug fix update
Synopsis Moderate: qemu-kvm-rhev security and bug fix update Type/Severity Security Advisory: Moderate Topic An update for qemu-kvm-rhev is now available for Red Hat Enterprise Virtualization (RHEV) 4X, Red Hat Enterprise Virtualization Hypervisor (RHEV-H) and Agents for Red Hat Enterprise Linux 7Red Hat ...
Red Hat: Moderate: qemu-kvm security update
Synopsis Moderate: qemu-kvm security update Type/Severity Security Advisory: Moderate Topic An update for qemu-kvm is now available for Red Hat Enterprise Linux 6Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS) base score, ...
Amazon Linux AMI: ALAS-2017-934
Quick Emulator (QEMU), compiled with the PC System Emulator with multiboot feature support, is vulnerable to an OOB r/w memory access issue The issue could occur due to an integer overflow while loading a kernel image during a guest boot A user or process could use this flaw to potentially achieve arbitrary code execution on a host (CVE-2017-141 ...
Debian CVElist Bug Report Logs: qemu: CVE-2017-17381: virtio: divide by zero exception while updating rings
Debian Bug report logs - #883625 qemu: CVE-2017-17381: virtio: divide by zero exception while updating rings Package: src:qemu; Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Tue, 5 Dec 2017 21:15:01 UTC Severity: norm ...
Debian CVElist Bug Report Logs: qemu: CVE-2017-15289: cirrus: OOB access issue in mode4and5 write functions
Debian Bug report logs - #880832 qemu: CVE-2017-15289: cirrus: OOB access issue in mode4and5 write functions Package: src:qemu; Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Sat, 4 Nov 2017 23:06:01 UTC Severity: impo ...
Debian CVElist Bug Report Logs: qemu: CVE-2017-15118: stack buffer overflow in NBD server triggered via long export name
Debian Bug report logs - #883406 qemu: CVE-2017-15118: stack buffer overflow in NBD server triggered via long export name Package: src:qemu; Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Sun, 3 Dec 2017 16:36:01 UTC S ...
Debian CVElist Bug Report Logs: qemu: CVE-2017-15268: I/O: potential memory exhaustion via websock connection to VNC
Debian Bug report logs - #880836 qemu: CVE-2017-15268: I/O: potential memory exhaustion via websock connection to VNC Package: src:qemu; Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Sat, 4 Nov 2017 23:21:02 UTC Sever ...
Debian CVElist Bug Report Logs: qemu: CVE-2017-15119: DoS via large option request
Debian Bug report logs - #883399 qemu: CVE-2017-15119: DoS via large option request Package: src:qemu; Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Sun, 3 Dec 2017 15:51:01 UTC Severity: normal Tags: security, upstre ...
Debian CVElist Bug Report Logs: Coming updates for meltdown/spectre
Debian Bug report logs - #886532 Coming updates for meltdown/spectre Package: qemu; Maintainer for qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>; Source for qemu is src:qemu (PTS, buildd, popcon) Reported by: Nigel Kukard <nkukard@lbsdnet> Date: Sun, 7 Jan 2018 12:15:02 UTC Severity: grave Fo ...
Red Hat: CVE-2017-15289
Quick emulator (QEMU), compiled with the Cirrus CLGD 54xx VGA Emulator support, is vulnerable to an OOB write access issue The issue could occur while writing to VGA memory via mode4and5 write functions A privileged user inside guest could use this flaw to crash the QEMU process resulting in Denial of Serivce (DoS) ...

References

CWE-787https://lists.gnu.org/archive/html/qemu-devel/2017-10/msg02557.htmlhttps://bugzilla.redhat.com/show_bug.cgi?id=1501290http://www.openwall.com/lists/oss-security/2017/10/12/16http://www.securityfocus.com/bid/101262https://access.redhat.com/errata/RHSA-2017:3369https://access.redhat.com/errata/RHSA-2017:3368https://access.redhat.com/errata/RHSA-2017:3474https://access.redhat.com/errata/RHSA-2017:3473https://access.redhat.com/errata/RHSA-2017:3472https://access.redhat.com/errata/RHSA-2017:3471https://access.redhat.com/errata/RHSA-2017:3470https://access.redhat.com/errata/RHSA-2017:3466https://access.redhat.com/errata/RHSA-2018:0516https://usn.ubuntu.com/3575-1/https://www.debian.org/security/2018/dsa-4213https://lists.debian.org/debian-lts-announce/2018/09/msg00007.htmlhttps://nvd.nist.govhttps://usn.ubuntu.com/3575-2/
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
log injectionCVE-2024-37079type confusionCVE-2024-32943CVE-2024-30103CVE-2024-37350arbitrary codeCVE-2024-6189CVE-2024-6225
Vulmon Logo Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook