Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2017-5931

Опубликовано: 27 мар. 2017
Источник: ubuntu
Приоритет: medium
CVSS2: 7.2
CVSS3: 8.8

Описание

Integer overflow in hw/virtio/virtio-crypto.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (QEMU process crash) or possibly execute arbitrary code on the host via a crafted virtio-crypto request, which triggers a heap-based buffer overflow.

РелизСтатусПримечание
devel

not-affected

code not present
esm-infra-legacy/trusty

not-affected

code not present
esm-infra/xenial

not-affected

code not present
precise

DNE

trusty

not-affected

code not present
trusty/esm

not-affected

code not present
upstream

needs-triage

vivid/stable-phone-overlay

DNE

vivid/ubuntu-core

DNE

xenial

not-affected

code not present

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra-legacy/trusty

DNE

precise

not-affected

code not present
trusty

DNE

trusty/esm

DNE

upstream

needs-triage

vivid/stable-phone-overlay

DNE

vivid/ubuntu-core

DNE

xenial

DNE

yakkety

DNE

Показывать по

Ссылки на источники

7.2 High

CVSS2

8.8 High

CVSS3

Связанные уязвимости

redhat логотип

CVE-2017-5931

CVSS3: 4
redhat
больше 8 лет назад

Integer overflow in hw/virtio/virtio-crypto.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (QEMU process crash) or possibly execute arbitrary code on the host via a crafted virtio-crypto request, which triggers a heap-based buffer overflow.

nvd логотип

CVE-2017-5931

CVSS3: 8.8
nvd
около 8 лет назад

Integer overflow in hw/virtio/virtio-crypto.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (QEMU process crash) or possibly execute arbitrary code on the host via a crafted virtio-crypto request, which triggers a heap-based buffer overflow.

msrc логотип

CVE-2017-5931

CVSS3: 8.8
msrc
больше 4 лет назад

Описание отсутствует

debian логотип

CVE-2017-5931

CVSS3: 8.8
debian
около 8 лет назад

Integer overflow in hw/virtio/virtio-crypto.c in QEMU (aka Quick Emula ...

github логотип

GHSA-4w9r-63g7-xmfj

CVSS3: 8.8
github
около 3 лет назад

Integer overflow in hw/virtio/virtio-crypto.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (QEMU process crash) or possibly execute arbitrary code on the host via a crafted virtio-crypto request, which triggers a heap-based buffer overflow.

7.2 High

CVSS2

8.8 High

CVSS3