Описание
Quick emulator (QEMU) before 2.8 built with the Cirrus CLGD 54xx VGA Emulator support is vulnerable to an out-of-bounds access issue. The issue could occur while copying VGA data in cirrus_bitblt_cputovideo. A privileged user inside guest could use this flaw to crash the QEMU process OR potentially execute arbitrary code on host with privileges of the QEMU process.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | not-affected | 1:2.8+dfsg-3ubuntu2 |
| bionic | not-affected | 1:2.8+dfsg-3ubuntu2 |
| cosmic | not-affected | 1:2.8+dfsg-3ubuntu2 |
| devel | not-affected | 1:2.8+dfsg-3ubuntu2 |
| disco | not-affected | 1:2.8+dfsg-3ubuntu2 |
| eoan | not-affected | 1:2.8+dfsg-3ubuntu2 |
| esm-infra-legacy/trusty | released | 2.0.0+dfsg-2ubuntu1.33 |
| esm-infra/bionic | not-affected | 1:2.8+dfsg-3ubuntu2 |
| esm-infra/focal | not-affected | 1:2.8+dfsg-3ubuntu2 |
| esm-infra/xenial | released | 1:2.5+dfsg-5ubuntu10.11 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | DNE | |
| bionic | DNE | |
| cosmic | DNE | |
| devel | DNE | |
| disco | DNE | |
| eoan | DNE | |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/focal | DNE | |
| focal | DNE | |
| groovy | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | not-affected | uses system qemu |
| bionic | not-affected | uses system qemu |
| cosmic | not-affected | uses system qemu |
| devel | not-affected | uses system qemu |
| disco | not-affected | uses system qemu |
| eoan | not-affected | uses system qemu |
| esm-apps/focal | not-affected | uses system qemu |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was released [4.4.2-0ubuntu0.14.04.11]] |
| esm-infra/bionic | not-affected | uses system qemu |
| esm-infra/xenial | not-affected | uses system qemu |
Показывать по
EPSS
9 Critical
CVSS2
5.5 Medium
CVSS3
Связанные уязвимости
Quick emulator (QEMU) before 2.8 built with the Cirrus CLGD 54xx VGA Emulator support is vulnerable to an out-of-bounds access issue. The issue could occur while copying VGA data in cirrus_bitblt_cputovideo. A privileged user inside guest could use this flaw to crash the QEMU process OR potentially execute arbitrary code on host with privileges of the QEMU process.
Quick emulator (QEMU) before 2.8 built with the Cirrus CLGD 54xx VGA Emulator support is vulnerable to an out-of-bounds access issue. The issue could occur while copying VGA data in cirrus_bitblt_cputovideo. A privileged user inside guest could use this flaw to crash the QEMU process OR potentially execute arbitrary code on host with privileges of the QEMU process.
Quick emulator (QEMU) before 2.8 built with the Cirrus CLGD 54xx VGA E ...
Quick emulator (QEMU) before 2.8 built with the Cirrus CLGD 54xx VGA Emulator support is vulnerable to an out-of-bounds access issue. The issue could occur while copying VGA data in cirrus_bitblt_cputovideo. A privileged user inside guest could use this flaw to crash the QEMU process OR potentially execute arbitrary code on host with privileges of the QEMU process.
EPSS
9 Critical
CVSS2
5.5 Medium
CVSS3