Launchpad CVE tracker

CVE 2017-7980

Heap-based buffer overflow in Cirrus CLGD 54xx VGA Emulator in Quick Emulator (Qemu) 2.8 and earlier allows local guest OS users to execute arbitrary code or cause a denial of service (crash) via vectors related to a VNC client updating its display after a VGA operation.

Related bugs and status

CVE-2017-7980 (Candidate) is related to these bugs:

Bug #1581936: Frozen Windows 7 VMs with VGA CVE-2016-3712 fix (2.6.0 and 2.5.1.1)

		In	Importance	Status
1581936	Frozen Windows 7 VMs with VGA CVE-2016-3712 fix (2.6.0 and 2.5.1.1)	QEMU	Undecided	Fix Released
1581936	Frozen Windows 7 VMs with VGA CVE-2016-3712 fix (2.6.0 and 2.5.1.1)	qemu (Ubuntu)	High	Fix Released
1581936	Frozen Windows 7 VMs with VGA CVE-2016-3712 fix (2.6.0 and 2.5.1.1)	qemu (Ubuntu Xenial)	High	Fix Released
1581936	Frozen Windows 7 VMs with VGA CVE-2016-3712 fix (2.6.0 and 2.5.1.1)	qemu (Ubuntu Trusty)	High	Fix Released

See the

CVE page on Mitre.org for more details.

References

MLIST: [oss-security] 2017042...
CONFIRM: https://bugzilla.redha...
UBUNTU: USN-3289-1
GENTOO: GLSA-201706-03
BID: 97955
CONFIRM: https://support.citrix...
BID: 102129
REDHAT: RHSA-2017:0980
REDHAT: RHSA-2017:0981
REDHAT: RHSA-2017:0982
REDHAT: RHSA-2017:0983
REDHAT: RHSA-2017:0984
REDHAT: RHSA-2017:0988
REDHAT: RHSA-2017:1205
REDHAT: RHSA-2017:1206
REDHAT: RHSA-2017:1430
REDHAT: RHSA-2017:1441
MLIST: [debian-lts-announce] ...

Launchpad.net

CVE 2017-7980

Related bugs and status

Related bugs

References