11 matches found
Qemu Denial of Service Vulnerability (CNVD-2017-32215)
QEMU (Quick Emulator) is processor emulation software developed by French programmer Fabrice Bellard. The software is fast and cross-platform. A security vulnerability exists in the mode4and5 write functions of the hw/display/cirrus_vga.c file in QEMU. A local attacker can exploit this...
UBUNTU-CVE-2017-7980
Heap-based buffer overflow in Cirrus CLGD 54xx VGA Emulator in Quick Emulator (Qemu) 2.8 and earlier allows local guest OS users to execute arbitrary code or cause a denial of service (crash) via vectors related to a VNC client updating its display after a VGA operation...
Qemu: display: cirrus: OOB r/w access issues in bitblt routines
An out-of-bounds r/w access issue was found in QEMU's Cirrus CLGD 54xx VGA Emulator support. The vulnerability could occur while copying VGA data via various bitblt functions. A privileged user inside a guest could use this flaw to crash the QEMU process or, potentially, execute arbitrary code on...
Cirrus VGA Heap overflow via display refresh
ISSUE DESCRIPTION: When a graphics update command gets passed to the VGA emulator, there are 3 possible modes that can be used to update the display: blank - Clears the display; text - Treats the display as showing text; graph - Treats the display as showing graphics. After the display geometry gets...
Qemu: display: cirrus: potential arbitrary code execution via cirrus_bitblt_cputovideo
Quick emulator (QEMU) built with the Cirrus CLGD 54xx VGA Emulator support is vulnerable to an out-of-bounds access issue. The issue could occur while copying VGA data in cirrus_bitblt_cputovideo. A privileged user inside guest could use this flaw to crash the QEMU process OR potentially execute...
cirrus_bitblt_cputovideo does not check if memory region is safe
ISSUE DESCRIPTION: In CIRRUS_BLTMODE_MEMSYSSRC mode the bitblit copy routine cirrus_bitblt_cputovideo fails to check whether the specified memory region is safe. IMPACT: A malicious guest administrator can cause an out of bounds memory write, very likely exploitable as a privilege escalation. VULNERABL...
DEBIAN-CVE-2008-4539
Heap-based buffer overflow in the Cirrus VGA implementation in (1) KVM before kvm-82 and (2) QEMU on Debian GNU/Linux and Ubuntu might allow local users to gain privileges by using the VNC console for a connection, aka the LGD-54XX "bitblt" heap overflow. NOTE: this issue exists because of an incorre...
CVE-2008-4539
Heap-based buffer overflow in the Cirrus VGA implementation in (1) KVM before kvm-82 and (2) QEMU on Debian GNU/Linux and Ubuntu might allow local users to gain privileges by using the VNC console for a connection, aka the LGD-54XX "bitblt" heap overflow. NOTE: this issue exists because of an incorre...
Debian DSA-1284-1 : qemu - several vulnerabilities
Several vulnerabilities have been discovered in the QEMU processor emulator, which may lead to the execution of arbitrary code or denial of service. The Common Vulnerabilities and Exposures project identifies the following problems: - CVE-2007-1320 Tavis Ormandy discovered that a memory manageme...
DSA-1284-1 qemu
Bulletin has no description...
qemu -- several vulnerabilities
The Debian Security Team reports: Several vulnerabilities have been discovered in the QEMU processor emulator, which may lead to the execution of arbitrary code or denial of service. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2007-1320 Tavis Ormandy...