Out-of-bounds read in QEMU - CVE-2017-7718
Published: June 6, 2017 / Updated: June 8, 2017
Vulnerability identifier: #VU6938
CSH Severity: Low
CVSS v4.0:
CVE-ID: CVE-2017-7718
CWE-ID: CWE-125
Exploitation vector: Adjecent network
Exploit availability:
No public exploit available
Vendor: QEMU
Affected software:
QEMU
QEMU
Detailed vulnerability description
hw/display/cirrus_vga_rop.h in QEMU (aka Quick Emulator) allows local
guest OS privileged users to cause a denial of service (out-of-bounds
read and QEMU process crash) via vectors related to copying VGA data via
the cirrus_bitblt_rop_fwd_transp_ and cirrus_bitblt_rop_fwd_ functions.
How to mitigate CVE-2017-7718
Update to version 2.9.0-r2.