CVE-2017-13673

medium
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

The vga display update in mis-calculated the region for the dirty bitmap snapshot in case split screen mode is used causing a denial of service (assertion failure) in the cpu_physical_memory_snapshot_get_dirty function.

References

http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00042.html

http://www.openwall.com/lists/oss-security/2017/09/10/1

http://www.securityfocus.com/bid/100527

https://access.redhat.com/errata/RHSA-2018:1104

https://access.redhat.com/errata/RHSA-2018:1113

https://git.qemu.org/gitweb.cgi?p=qemu.git;a=commit;h=bfc56535f793c557aa754c50213fc5f882e6482d

https://lists.gnu.org/archive/html/qemu-devel/2017-08/msg04685.html

Details

Source: MITRE

Published: 2017-08-29

Updated: 2019-10-03

Type: CWE-617

Risk Information

CVSS v2

Base Score: 4

Vector: AV:N/AC:L/Au:S/C:N/I:N/A:P

Impact Score: 2.9

Exploitability Score: 8

Severity: MEDIUM

CVSS v3

Base Score: 6.5

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Impact Score: 3.6

Exploitability Score: 2.8

Severity: MEDIUM

Tenable Plugins

View all (10 total)

IDNameProductFamilySeverity
124947EulerOS Virtualization 3.0.1.0 : qemu (EulerOS-SA-2019-1444)NessusHuawei Local Security Checks
high
124908EulerOS Virtualization for ARM 64 3.0.1.0 : qemu-kvm (EulerOS-SA-2019-1405)NessusHuawei Local Security Checks
high
123493openSUSE Security Update : qemu (openSUSE-2019-1074)NessusSuSE Local Security Checks
high
122776SUSE SLED12 / SLES12 Security Update : qemu (SUSE-SU-2019:0582-1)NessusSuSE Local Security Checks
high
122471SUSE SLES12 Security Update : qemu (SUSE-SU-2019:0489-1)NessusSuSE Local Security Checks
high
117568EulerOS Virtualization 2.5.1 : qemu-kvm (EulerOS-SA-2018-1259)NessusHuawei Local Security Checks
medium
109070RHEL 7 : Virtualization (RHSA-2018:1104)NessusRed Hat Local Security Checks
critical
105960Fedora 27 : xen (2017-b4329d6ee5)NessusFedora Local Security Checks
medium
104347Fedora 25 : xen (2017-d4709b0d8b)NessusFedora Local Security Checks
high
104310Fedora 26 : xen (2017-5bcddc1984)NessusFedora Local Security Checks
high