Lucene search
K

11 matches found

CNVD
CNVD
added 2017/10/17 12:0 a.m.2 views

Qemu Denial of Service Vulnerability (CNVD-2017-32215)

QEMU aka Quick Emulator is a set of simulation processor software developed by French programmer Fabrice Bellard. The software is fast and cross-platform. A security vulnerability exists in the mode4and5 write functions of the hw/display/cirrusvga.c file in QEMU. A local attacker can exploit this...

6CVSS6.7AI score0.00463EPSS
Exploits0References1
OSV
OSV
added 2017/04/21 12:0 a.m.3 views

UBUNTU-CVE-2017-7980

Heap-based buffer overflow in Cirrus CLGD 54xx VGA Emulator in Quick Emulator Qemu 2.8 and earlier allows local guest OS users to execute arbitrary code or cause a denial of service crash via vectors related to a VNC client updating its display after a VGA operation...

7.8CVSS7.4AI score0.00625EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2017/04/18 4:56 a.m.10 views

Qemu: display: cirrus: OOB r/w access issues in bitblt routines

An out-of-bounds r/w access issue was found in QEMU's Cirrus CLGD 54xx VGA Emulator support. The vulnerability could occur while copying VGA data via various bitblt functions. A privileged user inside a guest could use this flaw to crash the QEMU process or, potentially, execute arbitrary code on...

7.8CVSS7.7AI score0.00625EPSS
Exploits0References4
Xen Project
Xen Project
added 2017/03/14 12:0 p.m.101 views

Cirrus VGA Heap overflow via display refresh

ISSUE DESCRIPTION When a graphics update command gets passed to the VGA emulator, there are 3 possible modes that can be used to update the display: blank - Clears the display text - Treats the display as showing text graph - Treats the display as showing graphics After the display geometry gets...

9.9CVSS7.6AI score0.04448EPSS
Exploits0Affected Software1
RedHat Linux
RedHat Linux
added 2017/02/27 11:12 p.m.3 views

Qemu: display: cirrus: potential arbitrary code execution via cirrus_bitblt_cputovideo

Quick emulator QEMU built with the Cirrus CLGD 54xx VGA Emulator support is vulnerable to an out-of-bounds access issue. The issue could occur while copying VGA data in cirrusbitbltcputovideo. A privileged user inside guest could use this flaw to crash the QEMU process OR potentially execute...

9.9CVSS7.7AI score0.03559EPSS
Exploits0References5
Xen Project
Xen Project
added 2017/02/21 12:0 p.m.75 views

cirrus_bitblt_cputovideo does not check if memory region is safe

ISSUE DESCRIPTION In CIRRUSBLTMODEMEMSYSSRC mode the bitblit copy routine cirrusbitbltcputovideo fails to check wethehr the specified memory region is safe. IMPACT A malicious guest administrator can cause an out of bounds memory write, very likely exploitable as a privilege escalation. VULNERABL...

9.9CVSS2.5AI score0.03559EPSS
Exploits0
OSV
OSV
added 2008/12/29 3:24 p.m.1 views

DEBIAN-CVE-2008-4539

Heap-based buffer overflow in the Cirrus VGA implementation in 1 KVM before kvm-82 and 2 QEMU on Debian GNU/Linux and Ubuntu might allow local users to gain privileges by using the VNC console for a connection, aka the LGD-54XX "bitblt" heap overflow. NOTE: this issue exists because of an incorre...

7.2CVSS8.6AI score0.00537EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2008/12/29 3:24 p.m.4 views

CVE-2008-4539

Heap-based buffer overflow in the Cirrus VGA implementation in 1 KVM before kvm-82 and 2 QEMU on Debian GNU/Linux and Ubuntu might allow local users to gain privileges by using the VNC console for a connection, aka the LGD-54XX "bitblt" heap overflow. NOTE: this issue exists because of an incorre...

7.2CVSS5.8AI score0.00537EPSS
Exploits0References25
Tenable Nessus
Tenable Nessus
added 2007/05/03 12:0 a.m.31 views

Debian DSA-1284-1 : qemu - several vulnerabilities

Several vulnerabilities have been discovered in the QEMU processor emulator, which may lead to the execution of arbitrary code or denial of service. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2007-1320 Tavis Ormandy discovered that a memory manageme...

7.2CVSS8.5AI score0.00607EPSS
Exploits0References13
OSV
OSV
added 2007/05/01 12:0 a.m.39 views

DSA-1284-1 qemu

Bulletin has no description...

7.2CVSS6.8AI score0.00607EPSS
Exploits0
FreeBSD
FreeBSD
added 2007/05/01 12:0 a.m.30 views

qemu -- several vulnerabilities

The Debian Security Team reports: Several vulnerabilities have been discovered in the QEMU processor emulator, which may lead to the execution of arbitrary code or denial of service. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2007-1320Tavis Ormandy...

7.2CVSS9.4AI score0.00493EPSS
Exploits0References1
Rows per page
Query Builder