Out-of-bounds read in QEMU - CVE-2017-2633
Published: July 27, 2018 / Updated: July 17, 2020
Vulnerability identifier: #VU31252
CSH Severity: Medium
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2017-2633
CWE-ID: CWE-125
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vendor: QEMU
Affected software:
QEMU
QEMU
Detailed vulnerability description
The vulnerability allows a remote authenticated user to perform a denial of service (DoS) attack.
An out-of-bounds memory access issue was found in Quick Emulator (QEMU) before 1.7.2 in the VNC display driver. This flaw could occur while refreshing the VNC display surface area in the 'vnc_refresh_server_surface'. A user inside a guest could use this flaw to crash the QEMU process.
How to mitigate CVE-2017-2633
Install update from vendor's website.
Sources
- http://www.openwall.com/lists/oss-security/2017/02/23/1
- http://www.securityfocus.com/bid/96417
- https://access.redhat.com/errata/RHSA-2017:1205
- https://access.redhat.com/errata/RHSA-2017:1206
- https://access.redhat.com/errata/RHSA-2017:1441
- https://access.redhat.com/errata/RHSA-2017:1856
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2633
- https://git.qemu.org/?p=qemu.git;a=commitdiff;h=9f64916da20eea67121d544698676295bbb105a7
- https://git.qemu.org/?p=qemu.git;a=commitdiff;h=bea60dd7679364493a0d7f5b54316c767cf894ef