Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2017-5667

Опубликовано: 30 янв. 2017
Источник: redhat
CVSS3: 5.4
CVSS2: 3.8

Описание

The sdhci_sdma_transfer_multi_blocks function in hw/sd/sdhci.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (out-of-bounds heap access and crash) or execute arbitrary code on the QEMU host via vectors involving the data transfer length.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5kvmNot affected
Red Hat Enterprise Linux 5xenNot affected
Red Hat Enterprise Linux 6qemu-kvmNot affected
Red Hat Enterprise Linux 7qemu-kvmNot affected
Red Hat Enterprise Linux 7qemu-kvm-rhevNot affected
Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 6qemu-kvm-rhevNot affected
Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 7qemu-kvm-rhevNot affected
Red Hat Enterprise Linux OpenStack Platform 6 (Juno)qemu-kvm-rhevNot affected
Red Hat Enterprise Linux OpenStack Platform 7 (Kilo)qemu-kvm-rhevNot affected
Red Hat OpenStack Platform 10 (Newton)qemu-kvm-rhevNot affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-787
https://bugzilla.redhat.com/show_bug.cgi?id=1417559Qemu: sd: sdhci OOB access during multi block SDMA transfer

5.4 Medium

CVSS3

3.8 Low

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2017-5667

CVSS3: 6.5
ubuntu
почти 9 лет назад

The sdhci_sdma_transfer_multi_blocks function in hw/sd/sdhci.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (out-of-bounds heap access and crash) or execute arbitrary code on the QEMU host via vectors involving the data transfer length.

nvd логотип

CVE-2017-5667

CVSS3: 6.5
nvd
почти 9 лет назад

The sdhci_sdma_transfer_multi_blocks function in hw/sd/sdhci.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (out-of-bounds heap access and crash) or execute arbitrary code on the QEMU host via vectors involving the data transfer length.

debian логотип

CVE-2017-5667

CVSS3: 6.5
debian
почти 9 лет назад

The sdhci_sdma_transfer_multi_blocks function in hw/sd/sdhci.c in QEMU ...

github логотип

GHSA-68jp-963w-w97x

CVSS3: 6.5
github
больше 3 лет назад

The sdhci_sdma_transfer_multi_blocks function in hw/sd/sdhci.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (out-of-bounds heap access and crash) or execute arbitrary code on the QEMU host via vectors involving the data transfer length.

fstec логотип

BDU:2017-00654

fstec
почти 9 лет назад

Уязвимость эмулятора аппаратного обеспечения QEMU, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код

5.4 Medium

CVSS3

3.8 Low

CVSS2