Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2018-7858

Опубликовано: 08 мар. 2018
Источник: redhat
CVSS3: 5.5
CVSS2: 4.9
EPSS Низкий

Описание

Quick Emulator (aka QEMU), when built with the Cirrus CLGD 54xx VGA Emulator support, allows local guest OS privileged users to cause a denial of service (out-of-bounds access and QEMU process crash) by leveraging incorrect region calculation when updating VGA display.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5kvmWill not fix
Red Hat Enterprise Linux 5xenWill not fix
Red Hat Enterprise Linux 7qemu-kvm-maNot affected
Red Hat Enterprise Linux 8qemu-kvmNot affected
Red Hat Enterprise Linux OpenStack Platform 7 (Kilo)qemu-kvm-rhevWill not fix
Red Hat OpenStack Platform 11 (Ocata)qemu-kvm-rhevWill not fix
Red Hat Enterprise Linux 6qemu-kvmFixedRHSA-2018:216210.07.2018
Red Hat Enterprise Linux 7qemu-kvmFixedRHSA-2018:141614.05.2018
Red Hat OpenStack Platform 10.0 (Newton)qemu-kvm-rhevFixedRHSA-2018:164422.05.2018
Red Hat OpenStack Platform 12.0 (Pike)qemu-kvm-rhevFixedRHSA-2018:164322.05.2018

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-125
https://bugzilla.redhat.com/show_bug.cgi?id=1553402QEMU: cirrus: OOB access when updating VGA display

EPSS

Процентиль: 23%
0.00074
Низкий

5.5 Medium

CVSS3

4.9 Medium

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2018-7858

CVSS3: 5.5
ubuntu
больше 7 лет назад

Quick Emulator (aka QEMU), when built with the Cirrus CLGD 54xx VGA Emulator support, allows local guest OS privileged users to cause a denial of service (out-of-bounds access and QEMU process crash) by leveraging incorrect region calculation when updating VGA display.

nvd логотип

CVE-2018-7858

CVSS3: 5.5
nvd
больше 7 лет назад

Quick Emulator (aka QEMU), when built with the Cirrus CLGD 54xx VGA Emulator support, allows local guest OS privileged users to cause a denial of service (out-of-bounds access and QEMU process crash) by leveraging incorrect region calculation when updating VGA display.

debian логотип

CVE-2018-7858

CVSS3: 5.5
debian
больше 7 лет назад

Quick Emulator (aka QEMU), when built with the Cirrus CLGD 54xx VGA Em ...

github логотип

GHSA-f62g-jrwm-hq59

CVSS3: 5.5
github
около 3 лет назад

Quick Emulator (aka QEMU), when built with the Cirrus CLGD 54xx VGA Emulator support, allows local guest OS privileged users to cause a denial of service (out-of-bounds access and QEMU process crash) by leveraging incorrect region calculation when updating VGA display.

oracle-oval логотип

ELSA-2018-1416

oracle-oval
около 7 лет назад

ELSA-2018-1416: qemu-kvm security update (MODERATE)

EPSS

Процентиль: 23%
0.00074
Низкий

5.5 Medium

CVSS3

4.9 Medium

CVSS2

Уязвимость CVE-2018-7858