Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2017-14167

Опубликовано: 05 сент. 2017
Источник: redhat
CVSS3: 4.9
CVSS2: 3.7
EPSS Низкий

Описание

Integer overflow in the load_multiboot function in hw/i386/multiboot.c in QEMU (aka Quick Emulator) allows local guest OS users to execute arbitrary code on the host via crafted multiboot header address values, which trigger an out-of-bounds write.

Quick Emulator (QEMU), compiled with the PC System Emulator with multiboot feature support, is vulnerable to an OOB r/w memory access issue. The issue could occur due to an integer overflow while loading a kernel image during a guest boot. A user or process could use this flaw to potentially achieve arbitrary code execution on a host.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5kvmNot affected
Red Hat Enterprise Linux 5xenNot affected
Red Hat Enterprise Linux 6qemu-kvmNot affected
Red Hat Enterprise Linux 6qemu-kvm-rhevNot affected
Red Hat OpenStack Platform 12 (Pike)qemu-kvm-rhevNot affected
Red Hat Enterprise Linux 7qemu-kvmFixedRHSA-2017:336830.11.2017
Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7qemu-kvm-rhevFixedRHSA-2017:347314.12.2017
Red Hat Enterprise Linux OpenStack Platform 7.0 (Kilo) for RHEL 7qemu-kvm-rhevFixedRHSA-2017:347214.12.2017
Red Hat OpenStack Platform 10.0 (Newton)qemu-kvm-rhevFixedRHSA-2017:347414.12.2017
Red Hat OpenStack Platform 11.0 (Ocata)qemu-kvm-rhevFixedRHSA-2017:346614.12.2017

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-190
https://bugzilla.redhat.com/show_bug.cgi?id=1489375Qemu: i386: multiboot OOB access while loading kernel image

EPSS

Процентиль: 32%
0.00118
Низкий

4.9 Medium

CVSS3

3.7 Low

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2017-14167

CVSS3: 8.8
ubuntu
почти 8 лет назад

Integer overflow in the load_multiboot function in hw/i386/multiboot.c in QEMU (aka Quick Emulator) allows local guest OS users to execute arbitrary code on the host via crafted multiboot header address values, which trigger an out-of-bounds write.

nvd логотип

CVE-2017-14167

CVSS3: 8.8
nvd
почти 8 лет назад

Integer overflow in the load_multiboot function in hw/i386/multiboot.c in QEMU (aka Quick Emulator) allows local guest OS users to execute arbitrary code on the host via crafted multiboot header address values, which trigger an out-of-bounds write.

msrc логотип

CVE-2017-14167

CVSS3: 8.8
msrc
больше 4 лет назад

Описание отсутствует

debian логотип

CVE-2017-14167

CVSS3: 8.8
debian
почти 8 лет назад

Integer overflow in the load_multiboot function in hw/i386/multiboot.c ...

github логотип

GHSA-g34v-j3w9-h65r

CVSS3: 8.8
github
около 3 лет назад

Integer overflow in the load_multiboot function in hw/i386/multiboot.c in QEMU (aka Quick Emulator) allows local guest OS users to execute arbitrary code on the host via crafted multiboot header address values, which trigger an out-of-bounds write.

EPSS

Процентиль: 32%
0.00118
Низкий

4.9 Medium

CVSS3

3.7 Low

CVSS2