CVE-2017-7718

CVE-2017-7718

EPSS 0.5%

hw/display/cirrus_vga_rop.h in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (out-of-bounds read and QEMU process crash) via vectors related to copying VGA data via the cirrus_bitblt_rop_fwd_transp_ and cirrus_bitblt_rop_fwd_ functions.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://git.qemu-project.org/?p=qemu.git%3Ba=commit%3Bh=215902d7b6fb50c6fc216fc74f770858278ed904 https://access.redhat.com/errata/RHSA-2017:0980 https://access.redhat.com/errata/RHSA-2017:0981 https://access.redhat.com/errata/RHSA-2017:0982 https://access.redhat.com/errata/RHSA-2017:0983 https://access.redhat.com/errata/RHSA-2017:0984 https://access.redhat.com/errata/RHSA-2017:0988 https://access.redhat.com/errata/RHSA-2017:1205 https://access.redhat.com/errata/RHSA-2017:1206 https://access.redhat.com/errata/RHSA-2017:1430 https://access.redhat.com/errata/RHSA-2017:1431 https://access.redhat.com/errata/RHSA-2017:1441