Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2017-13673

Опубликовано: 24 авг. 2017
Источник: redhat
CVSS3: 3
CVSS2: 2.3
EPSS Низкий

Описание

The vga display update in mis-calculated the region for the dirty bitmap snapshot in case split screen mode is used causing a denial of service (assertion failure) in the cpu_physical_memory_snapshot_get_dirty function.

An assert failure issue was found in the VGA display emulator built into the Quick emulator (QEMU). It could occur while updating graphics display, due to miscalculating region for dirty bitmap snapshot in split screen mode. A privileged user/process inside guest could use this flaw to crash the QEMU process on the host resulting in denial of service.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5kvmWill not fix
Red Hat Enterprise Linux 5xenWill not fix
Red Hat Enterprise Linux 6qemu-kvmAffected
Red Hat Enterprise Linux 6qemu-kvm-rhevAffected
Red Hat Enterprise Linux 7qemu-kvmAffected
Red Hat Enterprise Linux 7qemu-kvm-rhevAffected
Red Hat Enterprise Linux OpenStack Platform 6 (Juno)qemu-kvm-rhevWill not fix
Red Hat Enterprise Linux OpenStack Platform 7 (Kilo)qemu-kvm-rhevWill not fix
Red Hat OpenStack Platform 10.0 (Newton)qemu-kvm-rhevFixedRHSA-2018:111311.04.2018
Red Hat OpenStack Platform 11.0 (Ocata)qemu-kvm-rhevFixedRHSA-2018:111311.04.2018

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low
Дефект:
CWE-617
https://bugzilla.redhat.com/show_bug.cgi?id=1486588QEMU: VGA: reachable assert failure during display update

EPSS

Процентиль: 72%
0.00732
Низкий

3 Low

CVSS3

2.3 Low

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2017-13673

CVSS3: 6.5
ubuntu
почти 8 лет назад

The vga display update in mis-calculated the region for the dirty bitmap snapshot in case split screen mode is used causing a denial of service (assertion failure) in the cpu_physical_memory_snapshot_get_dirty function.

nvd логотип

CVE-2017-13673

CVSS3: 6.5
nvd
почти 8 лет назад

The vga display update in mis-calculated the region for the dirty bitmap snapshot in case split screen mode is used causing a denial of service (assertion failure) in the cpu_physical_memory_snapshot_get_dirty function.

debian логотип

CVE-2017-13673

CVSS3: 6.5
debian
почти 8 лет назад

The vga display update in mis-calculated the region for the dirty bitm ...

github логотип

GHSA-pg5w-wp8p-gv59

CVSS3: 6.5
github
около 3 лет назад

The vga display update in mis-calculated the region for the dirty bitmap snapshot in case split screen mode is used causing a denial of service (assertion failure) in the cpu_physical_memory_snapshot_get_dirty function.

suse-cvrf логотип

SUSE-SU-2019:0489-1

suse-cvrf
больше 6 лет назад

Security update for qemu

EPSS

Процентиль: 72%
0.00732
Низкий

3 Low

CVSS3

2.3 Low

CVSS2