5.4 Medium
CVSS3
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:L
5.7 Medium
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
61.9%
An out-of-bounds memory access issue was found in Quick Emulator (QEMU) before 1.7.2 in the VNC display driver. This flaw could occur while refreshing the VNC display surface area in the ‘vnc_refresh_server_surface’. A user inside a guest could use this flaw to crash the QEMU process.
[
{
"product": "Qemu:",
"vendor": "QEMU",
"versions": [
{
"status": "affected",
"version": "1.7.2"
}
]
}
]
www.openwall.com/lists/oss-security/2017/02/23/1
www.securityfocus.com/bid/96417
access.redhat.com/errata/RHSA-2017:1205
access.redhat.com/errata/RHSA-2017:1206
access.redhat.com/errata/RHSA-2017:1441
access.redhat.com/errata/RHSA-2017:1856
bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2633
git.qemu.org/?p=qemu.git%3Ba=commitdiff%3Bh=9f64916da20eea67121d544698676295bbb105a7
git.qemu.org/?p=qemu.git%3Ba=commitdiff%3Bh=bea60dd7679364493a0d7f5b54316c767cf894ef
5.4 Medium
CVSS3
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:L
5.7 Medium
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
61.9%