Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
2.1
CVSSv2

CVE-2017-7718

Published: 20/04/2017 Updated: 07/11/2023
CVSS v2 Base Score: 2.1 | Impact Score: 2.9 | Exploitability Score: 3.9
CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8
VMScore: 187
Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P
Subscribe to Qemu

Vulnerability Summary

hw/display/cirrus_vga_rop.h in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (out-of-bounds read and QEMU process crash) via vectors related to copying VGA data via the cirrus_bitblt_rop_fwd_transp_ and cirrus_bitblt_rop_fwd_ functions.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

qemu qemu

qemu qemu 2.9.0

debian debian linux 8.0

Vendor Advisories

Ubuntu Security Notice: qemu vulnerabilities
Several security issues were fixed in QEMU ...
Red Hat: Important: qemu-kvm-rhev security and bug fix update
Synopsis Important: qemu-kvm-rhev security and bug fix update Type/Severity Security Advisory: Important Topic An update for qemu-kvm-rhev is now available for RHEV 3X Hypervisor and Agents for RHEL-7 and RHEV 4X RHEV-H and Agents for RHEL-7Red Hat Product Security has rated this update as having a secur ...
Red Hat: Important: qemu-kvm-rhev security update
Synopsis Important: qemu-kvm-rhev security update Type/Severity Security Advisory: Important Topic An update for qemu-kvm-rhev is now available for Red Hat Enterprise Linux OpenStack Platform 70 (Kilo) for RHEL 7Red Hat Product Security has rated this update as having a security impact of Important A Com ...
Red Hat: Important: qemu-kvm-rhev security update
Synopsis Important: qemu-kvm-rhev security update Type/Severity Security Advisory: Important Topic An update for qemu-kvm-rhev is now available for Red Hat OpenStack Platform 90 (Mitaka)Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring ...
Red Hat: Important: qemu-kvm-rhev security update
Synopsis Important: qemu-kvm-rhev security update Type/Severity Security Advisory: Important Topic An update for qemu-kvm-rhev is now available for Red Hat OpenStack Platform 100 (Newton)Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring ...
Red Hat: Important: qemu-kvm-rhev security update
Synopsis Important: qemu-kvm-rhev security update Type/Severity Security Advisory: Important Topic An update for qemu-kvm-rhev is now available for Red Hat OpenStack Platform 80 (Liberty)Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring ...
Red Hat: Important: qemu-kvm security and bug fix update
Synopsis Important: qemu-kvm security and bug fix update Type/Severity Security Advisory: Important Topic An update for qemu-kvm is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVS ...
Red Hat: Important: qemu-kvm security update
Synopsis Important: qemu-kvm security update Type/Severity Security Advisory: Important Topic An update for qemu-kvm is now available for Red Hat Enterprise Linux 6Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) base scor ...
Red Hat: Important: qemu-kvm-rhev security update
Synopsis Important: qemu-kvm-rhev security update Type/Severity Security Advisory: Important Topic An update for qemu-kvm-rhev is now available for Red Hat Enterprise Linux OpenStack Platform 50 (Icehouse) for RHEL 7Red Hat Product Security has rated this update as having a security impact of Important A ...
Red Hat: Important: qemu-kvm-rhev security update
Synopsis Important: qemu-kvm-rhev security update Type/Severity Security Advisory: Important Topic An update for qemu-kvm-rhev is now available for Red Hat Enterprise Linux OpenStack Platform 60 (Juno) for RHEL 7Red Hat Product Security has rated this update as having a security impact of Important A Com ...
Red Hat: Important: qemu-kvm-rhev security update
Synopsis Important: qemu-kvm-rhev security update Type/Severity Security Advisory: Important Topic An update for qemu-kvm-rhev is now available for RHEV 3X Hypervisor and Agents for RHEL-6Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scorin ...
Red Hat: Important: qemu-kvm-rhev security and bug fix update
Synopsis Important: qemu-kvm-rhev security and bug fix update Type/Severity Security Advisory: Important Topic An update for qemu-kvm-rhev is now available for Red Hat Enterprise Linux OpenStack Platform 50 (Icehouse) for RHEL 6Red Hat Product Security has rated this update as having a security impact of ...

References

CWE-125https://bugzilla.redhat.com/show_bug.cgi?id=1443441http://www.openwall.com/lists/oss-security/2017/04/19/4http://www.securityfocus.com/bid/97957https://security.gentoo.org/glsa/201706-03https://access.redhat.com/errata/RHSA-2017:1441https://access.redhat.com/errata/RHSA-2017:1431https://access.redhat.com/errata/RHSA-2017:1430https://access.redhat.com/errata/RHSA-2017:1206https://access.redhat.com/errata/RHSA-2017:1205https://access.redhat.com/errata/RHSA-2017:0988https://access.redhat.com/errata/RHSA-2017:0984https://access.redhat.com/errata/RHSA-2017:0983https://access.redhat.com/errata/RHSA-2017:0982https://access.redhat.com/errata/RHSA-2017:0981https://access.redhat.com/errata/RHSA-2017:0980https://lists.debian.org/debian-lts-announce/2018/09/msg00007.htmlhttp://git.qemu-project.org/?p=qemu.git%3Ba=commit%3Bh=215902d7b6fb50c6fc216fc74f770858278ed904https://usn.ubuntu.com/3289-1/https://nvd.nist.gov
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injectionfirmwareCVE-2006-4304CVE-2024-32878CVE-2024-31502XSSCVE-2024-3059CVE-2024-33692CVE-2024-3400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook