Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.8
CVSSv3

CVE-2017-7980

Published: 25/07/2017 Updated: 04/08/2021
CVSS v2 Base Score: 4.6 | Impact Score: 6.4 | Exploitability Score: 3.9
CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8
VMScore: 409
Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P
Subscribe to Qemu

Vulnerability Summary

Heap-based buffer overflow in Cirrus CLGD 54xx VGA Emulator in Quick Emulator (Qemu) 2.8 and previous versions allows local guest OS users to execute arbitrary code or cause a denial of service (crash) via vectors related to a VNC client updating its display after a VGA operation.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

qemu qemu

canonical ubuntu linux 14.04

canonical ubuntu linux 16.04

canonical ubuntu linux 16.10

canonical ubuntu linux 17.04

debian debian linux 8.0

redhat openstack 6.0

redhat openstack 7.0

redhat openstack 8

redhat openstack 10

redhat openstack 9

redhat openstack 5.0

redhat virtualization 3.0

redhat enterprise linux server aus 7.3

redhat enterprise linux server aus 7.4

redhat enterprise linux server aus 7.6

redhat enterprise linux server eus 7.3

redhat enterprise linux desktop 6.0

redhat enterprise linux server 6.0

redhat enterprise linux server tus 7.6

redhat enterprise linux desktop 7.0

redhat enterprise linux workstation 7.0

redhat enterprise linux server eus 7.4

redhat enterprise linux server eus 7.6

redhat enterprise linux workstation 6.0

redhat enterprise linux server 7.0

redhat enterprise linux server eus 7.5

redhat enterprise linux server tus 7.3

Vendor Advisories

Ubuntu Security Notice: qemu vulnerabilities
Several security issues were fixed in QEMU ...
Red Hat: Important: qemu-kvm-rhev security update
Synopsis Important: qemu-kvm-rhev security update Type/Severity Security Advisory: Important Topic An update for qemu-kvm-rhev is now available for Red Hat Enterprise Linux OpenStack Platform 70 (Kilo) for RHEL 7Red Hat Product Security has rated this update as having a security impact of Important A Com ...
Red Hat: Important: qemu-kvm-rhev security update
Synopsis Important: qemu-kvm-rhev security update Type/Severity Security Advisory: Important Topic An update for qemu-kvm-rhev is now available for Red Hat OpenStack Platform 90 (Mitaka)Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring ...
Red Hat: Important: qemu-kvm-rhev security update
Synopsis Important: qemu-kvm-rhev security update Type/Severity Security Advisory: Important Topic An update for qemu-kvm-rhev is now available for Red Hat OpenStack Platform 100 (Newton)Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring ...
Red Hat: Important: qemu-kvm-rhev security update
Synopsis Important: qemu-kvm-rhev security update Type/Severity Security Advisory: Important Topic An update for qemu-kvm-rhev is now available for Red Hat OpenStack Platform 80 (Liberty)Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring ...
Red Hat: Important: qemu-kvm security and bug fix update
Synopsis Important: qemu-kvm security and bug fix update Type/Severity Security Advisory: Important Topic An update for qemu-kvm is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVS ...
Red Hat: Important: qemu-kvm security update
Synopsis Important: qemu-kvm security update Type/Severity Security Advisory: Important Topic An update for qemu-kvm is now available for Red Hat Enterprise Linux 6Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) base scor ...
Red Hat: Important: qemu-kvm-rhev security update
Synopsis Important: qemu-kvm-rhev security update Type/Severity Security Advisory: Important Topic An update for qemu-kvm-rhev is now available for Red Hat Enterprise Linux OpenStack Platform 50 (Icehouse) for RHEL 7Red Hat Product Security has rated this update as having a security impact of Important A ...
Red Hat: Important: qemu-kvm-rhev security update
Synopsis Important: qemu-kvm-rhev security update Type/Severity Security Advisory: Important Topic An update for qemu-kvm-rhev is now available for Red Hat Enterprise Linux OpenStack Platform 60 (Juno) for RHEL 7Red Hat Product Security has rated this update as having a security impact of Important A Com ...
Red Hat: Important: qemu-kvm-rhev security update
Synopsis Important: qemu-kvm-rhev security update Type/Severity Security Advisory: Important Topic An update for qemu-kvm-rhev is now available for RHEV 3X Hypervisor and Agents for RHEL-6Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scorin ...
Red Hat: Important: qemu-kvm-rhev security and bug fix update
Synopsis Important: qemu-kvm-rhev security and bug fix update Type/Severity Security Advisory: Important Topic An update for qemu-kvm-rhev is now available for Red Hat Enterprise Linux OpenStack Platform 50 (Icehouse) for RHEL 6Red Hat Product Security has rated this update as having a security impact of ...
Arch Linux Issues:
Quick emulator(Qemu) built with the Cirrus CLGD 54xx VGA Emulator support is vulnerable to an out-of-bounds r/w access issue It could occur while copying VGA data via various bitblt functions A privileged user inside guest could use this flaw to crash the Qemu process resulting in DoS OR potentially execute arbitrary code on a host with privilege ...
Citrix Security Bulletins: Citrix XenServer Multiple Security Updates
Description of Problem A number of security vulnerabilities have been identified in Citrix XenServer that may allow a malicious administrator of an HVM guest VM to compromise the host These vulnerabilities affect all currently supported versions of Citrix XenServer up to and including Citrix XenServer 72 The following vulnerabilities have been a ...

References

CWE-119https://bugzilla.redhat.com/show_bug.cgi?id=1430056http://www.openwall.com/lists/oss-security/2017/04/21/1http://ubuntu.com/usn/usn-3289-1https://security.gentoo.org/glsa/201706-03http://www.securityfocus.com/bid/97955https://support.citrix.com/article/CTX230138http://www.securityfocus.com/bid/102129https://access.redhat.com/errata/RHSA-2017:1441https://access.redhat.com/errata/RHSA-2017:1430https://access.redhat.com/errata/RHSA-2017:1206https://access.redhat.com/errata/RHSA-2017:1205https://access.redhat.com/errata/RHSA-2017:0988https://access.redhat.com/errata/RHSA-2017:0984https://access.redhat.com/errata/RHSA-2017:0983https://access.redhat.com/errata/RHSA-2017:0982https://access.redhat.com/errata/RHSA-2017:0981https://access.redhat.com/errata/RHSA-2017:0980https://lists.debian.org/debian-lts-announce/2018/09/msg00007.htmlhttps://usn.ubuntu.com/3289-1/https://nvd.nist.gov
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48654CVE-2024-2757authentication bypassCVE-2024-3194CVE-2024-33640CVE-2024-21111dosinsecure direct object referenceCVE-2024-21345
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook