Описание
The VGA module in QEMU improperly performs bounds checking on banked access to video memory, which allows local guest OS administrators to execute arbitrary code on the host by changing access modes after setting the bank register, aka the "Dark Portal" issue.
An out-of-bounds read/write access flaw was found in the way QEMU's VGA emulation with VESA BIOS Extensions (VBE) support performed read/write operations using I/O port methods. A privileged guest user could use this flaw to execute arbitrary code on the host with the privileges of the host's QEMU process.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | kvm | Affected | ||
| Red Hat Enterprise Linux 6 | qemu-kvm-rhev | Affected | ||
| Red Hat Enterprise Linux 7 | qemu-kvm-rhev | Affected | ||
| Red Hat OpenStack Platform 9 (Mitaka) | qemu-kvm-rhev | Affected | ||
| Red Hat Enterprise Linux 5 | kvm | Fixed | RHSA-2016:1943 | 27.09.2016 |
| Red Hat Enterprise Linux 6 | qemu-kvm | Fixed | RHSA-2016:0997 | 10.05.2016 |
| Red Hat Enterprise Linux 7 | qemu-kvm | Fixed | RHSA-2016:0724 | 09.05.2016 |
| Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 6 | qemu-kvm-rhev | Fixed | RHSA-2016:1019 | 11.05.2016 |
| Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 7 | qemu-kvm-rhev | Fixed | RHSA-2016:0999 | 10.05.2016 |
| Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7 | qemu-kvm-rhev | Fixed | RHSA-2016:1000 | 10.05.2016 |
Показывать по
Дополнительная информация
Статус:
EPSS
7.6 High
CVSS3
6.5 Medium
CVSS2
Связанные уязвимости
The VGA module in QEMU improperly performs bounds checking on banked access to video memory, which allows local guest OS administrators to execute arbitrary code on the host by changing access modes after setting the bank register, aka the "Dark Portal" issue.
The VGA module in QEMU improperly performs bounds checking on banked access to video memory, which allows local guest OS administrators to execute arbitrary code on the host by changing access modes after setting the bank register, aka the "Dark Portal" issue.
The VGA module in QEMU improperly performs bounds checking on banked a ...
The VGA module in QEMU improperly performs bounds checking on banked access to video memory, which allows local guest OS administrators to execute arbitrary code on the host by changing access modes after setting the bank register, aka the "Dark Portal" issue.
EPSS
7.6 High
CVSS3
6.5 Medium
CVSS2