CVE-2017-2620 | Mend Vulnerability Database

Vulnerability DatabaseCVE-2017-2620

CVE-2017-2620

July 27, 2018

Quick emulator (QEMU) before 2.8 built with the Cirrus CLGD 54xx VGA Emulator support is vulnerable to an out-of-bounds access issue. The issue could occur while copying VGA data in cirrus_bitblt_cputovideo. A privileged user inside guest could use this flaw to crash the QEMU process OR potentially execute arbitrary code on host with privileges of the QEMU process.

Related Resources (26)

http://rhn.redhat.com/errata/RHSA-2017-0454.html

http://www.securitytracker.com/id/1037870

http://www.openwall.com/lists/oss-security/2017/02/21/1

http://rhn.redhat.com/errata/RHSA-2017-0332.html

https://people.canonical.com/~ubuntu-security/cve/CVE-2017-2620

https://support.citrix.com/article/CTX220771

http://rhn.redhat.com/errata/RHSA-2017-0352.html

https://access.redhat.com/security/cve/CVE-2017-2620

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2620

https://security.gentoo.org/glsa/201703-07

http://rhn.redhat.com/errata/RHSA-2017-0329.html

http://rhn.redhat.com/errata/RHSA-2017-0331.html

http://rhn.redhat.com/errata/RHSA-2017-0333.html

http://rhn.redhat.com/errata/RHSA-2017-0330.html

https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html

http://rhn.redhat.com/errata/RHSA-2017-0334.html

http://rhn.redhat.com/errata/RHSA-2017-0396.html

http://www.securityfocus.com/bid/96378

https://security.gentoo.org/glsa/201704-01

http://rhn.redhat.com/errata/RHSA-2017-0351.html

http://rhn.redhat.com/errata/RHSA-2017-0328.html

http://rhn.redhat.com/errata/RHSA-2017-0350.html

https://xenbits.xen.org/xsa/advisory-209.html

https://lists.gnu.org/archive/html/qemu-devel/2017-02/msg04700.html

https://lists.debian.org/debian-lts-announce/2018/02/msg00005.html

https://security-tracker.debian.org/tracker/CVE-2017-2620

Do you need more information?

CVSS v4

Base Score:

2.1

Attack Vector

ADJACENT

Attack Complexity

HIGH

Attack Requirements

NONE

Privileges Required

LOW

User Interaction

NONE

Vulnerable System Confidentiality

LOW

Vulnerable System Integrity

LOW

Vulnerable System Availability

LOW

Subsequent System Confidentiality

LOW

Subsequent System Integrity

LOW

Subsequent System Availability

LOW

CVSS v3

Base Score:

5.5

Attack Vector

ADJACENT

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality

LOW

Integrity

LOW

Availability

LOW

CVSS v2

Base Score:

9

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

Weakness Type (CWE)

Out-of-bounds Write

Out-of-bounds Read

EPSS

Base Score:

2.41