Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2017-2620

Quick emulator (QEMU) before 2.8 built with the Cirrus CLGD 54xx VGA Emulator support is vulnerable to an out-of-bounds access issue. The issue could occur while copying VGA data in cirrus_bitblt_cputovideo. A privileged user inside guest could use this flaw to crash the QEMU process OR potentially execute arbitrary code on host with privileges of the QEMU process.

Related bugs and status

CVE-2017-2620 (Candidate) is related to these bugs:

Bug #1647389: Regression: Live migrations can still crash after CVE-2016-5403 fix

Summary				In	Importance	Status
	1647389	Regression: Live migrations can still crash after CVE-2016-5403 fix		qemu (Ubuntu)	High	Fix Released
	1647389	Regression: Live migrations can still crash after CVE-2016-5403 fix		qemu (Ubuntu Xenial)	High	Fix Released

See the

CVE page on Mitre.org for more details.

References

MLIST: [oss-security] 2017022...
MLIST: [qemu-devel] 20170221 ...
CONFIRM: https://bugzilla.redha...
CONFIRM: https://xenbits.xen.or...
MLIST: [debian-lts-announce] ...
CONFIRM: https://support.citrix...
GENTOO: GLSA-201703-07
GENTOO: GLSA-201704-01
REDHAT: RHSA-2017:0328
REDHAT: RHSA-2017:0329
REDHAT: RHSA-2017:0330
REDHAT: RHSA-2017:0331
REDHAT: RHSA-2017:0332
REDHAT: RHSA-2017:0333
REDHAT: RHSA-2017:0334
REDHAT: RHSA-2017:0350
REDHAT: RHSA-2017:0351
REDHAT: RHSA-2017:0352
REDHAT: RHSA-2017:0396
REDHAT: RHSA-2017:0454
BID: 96378
SECTRACK: 1037870
MLIST: [debian-lts-announce] ...