Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2017-5857

Опубликовано: 23 янв. 2017
Источник: redhat
CVSS3: 3
CVSS2: 2.3
EPSS Низкий

Описание

Memory leak in the virgl_cmd_resource_unref function in hw/display/virtio-gpu-3d.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (host memory consumption) via a large number of VIRTIO_GPU_CMD_RESOURCE_UNREF commands sent without detaching the backing storage beforehand.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5kvmNot affected
Red Hat Enterprise Linux 5xenNot affected
Red Hat Enterprise Linux 6qemu-kvmNot affected
Red Hat Enterprise Linux 7qemu-kvmNot affected
Red Hat Enterprise Linux 7qemu-kvm-rhevNot affected
Red Hat Enterprise Linux OpenStack Platform 5 (Icehouse)qemu-kvm-rhevNot affected
Red Hat Enterprise Linux OpenStack Platform 6 (Juno)qemu-kvm-rhevNot affected
Red Hat Enterprise Linux OpenStack Platform 7 (Kilo)qemu-kvm-rhevNot affected
Red Hat OpenStack Platform 8 (Liberty)qemu-kvm-rhevNot affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low
Дефект:
CWE-772
https://bugzilla.redhat.com/show_bug.cgi?id=1418382Qemu: display: virtio-gpu-3d: host memory leakage in virgl_cmd_resource_unref

EPSS

Процентиль: 35%
0.00143
Низкий

3 Low

CVSS3

2.3 Low

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2017-5857

CVSS3: 6.5
ubuntu
почти 9 лет назад

Memory leak in the virgl_cmd_resource_unref function in hw/display/virtio-gpu-3d.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (host memory consumption) via a large number of VIRTIO_GPU_CMD_RESOURCE_UNREF commands sent without detaching the backing storage beforehand.

nvd логотип

CVE-2017-5857

CVSS3: 6.5
nvd
почти 9 лет назад

Memory leak in the virgl_cmd_resource_unref function in hw/display/virtio-gpu-3d.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (host memory consumption) via a large number of VIRTIO_GPU_CMD_RESOURCE_UNREF commands sent without detaching the backing storage beforehand.

debian логотип

CVE-2017-5857

CVSS3: 6.5
debian
почти 9 лет назад

Memory leak in the virgl_cmd_resource_unref function in hw/display/vir ...

github логотип

GHSA-p7q6-69w3-ppv9

CVSS3: 6.5
github
больше 3 лет назад

Memory leak in the virgl_cmd_resource_unref function in hw/display/virtio-gpu-3d.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (host memory consumption) via a large number of VIRTIO_GPU_CMD_RESOURCE_UNREF commands sent without detaching the backing storage beforehand.

fstec логотип

BDU:2017-00652

fstec
почти 9 лет назад

Уязвимость эмулятора аппаратного обеспечения QEMU, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 35%
0.00143
Низкий

3 Low

CVSS3

2.3 Low

CVSS2