CVE-2017-2620

HIGH

Description

Quick emulator (QEMU) before 2.8 built with the Cirrus CLGD 54xx VGA Emulator support is vulnerable to an out-of-bounds access issue. The issue could occur while copying VGA data in cirrus_bitblt_cputovideo. A privileged user inside guest could use this flaw to crash the QEMU process OR potentially execute arbitrary code on host with privileges of the QEMU process.

ID	Name	Product	Family	Severity
140019	OracleVM 3.4 : xen (OVMSA-2020-0039) (Bunker Buster) (Foreshadow) (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout) (Meltdown) (POODLE) (Spectre)	Nessus	OracleVM Local Security Checks	critical
127343	NewStart CGSL MAIN 4.05 : qemu-kvm Multiple Vulnerabilities (NS-SA-2019-0108)	Nessus	NewStart CGSL Local Security Checks	high
117351	Debian DLA-1497-1 : qemu security update (Spectre)	Nessus	Debian Local Security Checks	high
111992	OracleVM 3.4 : xen (OVMSA-2018-0248) (Bunker Buster) (Foreshadow) (Meltdown) (POODLE) (Spectre)	Nessus	OracleVM Local Security Checks	critical
106633	Debian DLA-1270-1 : xen security update	Nessus	Debian Local Security Checks	high
104780	SUSE SLES11 Security Update : kvm (SUSE-SU-2017:3084-1)	Nessus	SuSE Local Security Checks	high
103830	OracleVM 3.4 : xen (OVMSA-2017-0153)	Nessus	OracleVM Local Security Checks	critical
102835	OracleVM 3.4 : xen (OVMSA-2017-0142)	Nessus	OracleVM Local Security Checks	critical
101434	Virtuozzo 7 : kmod-kvm / kmod-kvm-debug / kvm / kvm-qemu-img / etc (VZLSA-2017-0454)	Nessus	Virtuozzo Local Security Checks	high
101433	Virtuozzo 7 : qemu-img / qemu-kvm / qemu-kvm-common / etc (VZLSA-2017-0396)	Nessus	Virtuozzo Local Security Checks	high
101430	Virtuozzo 6 : qemu-guest-agent / qemu-img / qemu-kvm / etc (VZLSA-2017-0352)	Nessus	Virtuozzo Local Security Checks	high
100232	openSUSE Security Update : qemu (openSUSE-2017-589)	Nessus	SuSE Local Security Checks	high
100149	SUSE SLED12 / SLES12 Security Update : qemu (SUSE-SU-2017:1241-1)	Nessus	SuSE Local Security Checks	high
99977	OracleVM 3.2 : xen (OVMSA-2017-0096)	Nessus	OracleVM Local Security Checks	high
99976	OracleVM 3.3 : xen (OVMSA-2017-0095)	Nessus	OracleVM Local Security Checks	high
99883	EulerOS 2.0 SP2 : qemu-kvm (EulerOS-SA-2017-1038)	Nessus	Huawei Local Security Checks	high
99882	EulerOS 2.0 SP1 : qemu-kvm (EulerOS-SA-2017-1037)	Nessus	Huawei Local Security Checks	high
99758	SUSE SLES11 Security Update : kvm (SUSE-SU-2017:1135-1)	Nessus	SuSE Local Security Checks	high
99581	Ubuntu 14.04 LTS / 16.04 LTS / 16.10 : qemu vulnerabilities (USN-3261-1)	Nessus	Ubuntu Local Security Checks	high
99274	GLSA-201704-01 : QEMU: Multiple vulnerabilities	Nessus	Gentoo Local Security Checks	high
99082	OracleVM 3.4 : qemu-kvm (OVMSA-2017-0055)	Nessus	OracleVM Local Security Checks	high
99014	GLSA-201703-07 : Xen: Privilege Escalation	Nessus	Gentoo Local Security Checks	high
97865	Fedora 24 : 2:qemu (2017-62ac1230f7)	Nessus	Fedora Local Security Checks	high
97828	SUSE SLES11 Security Update : xen (SUSE-SU-2017:0718-1)	Nessus	SuSE Local Security Checks	high
97804	Fedora 25 : 2:qemu (2017-31b976672b)	Nessus	Fedora Local Security Checks	high
97791	openSUSE Security Update : qemu (openSUSE-2017-349)	Nessus	SuSE Local Security Checks	high
97712	openSUSE Security Update : xen (openSUSE-2017-329)	Nessus	SuSE Local Security Checks	high
97696	SUSE SLES12 Security Update : qemu (SUSE-SU-2017:0661-1)	Nessus	SuSE Local Security Checks	high
97657	SUSE SLES11 Security Update : xen (SUSE-SU-2017:0647-1)	Nessus	SuSE Local Security Checks	high
97616	Fedora 24 : xen (2017-1607a3a78e)	Nessus	Fedora Local Security Checks	high
97611	CentOS 5 : kvm (CESA-2017:0454)	Nessus	CentOS Local Security Checks	high
97599	SUSE SLED12 / SLES12 Security Update : qemu (SUSE-SU-2017:0625-1)	Nessus	SuSE Local Security Checks	high
97597	Scientific Linux Security Update : kvm on SL5.x x86_64 (20170307)	Nessus	Scientific Linux Local Security Checks	high
97594	RHEL 5 : kvm (RHSA-2017:0454)	Nessus	Red Hat Local Security Checks	high
97593	Oracle Linux 5 : kvm (ELSA-2017-0454)	Nessus	Oracle Linux Local Security Checks	high
97528	CentOS 7 : qemu-kvm (CESA-2017:0396)	Nessus	CentOS Local Security Checks	high
97525	Citrix XenServer Multiple Vulnerabilities (CTX220771)	Nessus	Misc.	high
97517	Scientific Linux Security Update : qemu-kvm on SL7.x x86_64 (20170302)	Nessus	Scientific Linux Local Security Checks	high
97512	RHEL 7 : qemu-kvm (RHSA-2017:0396)	Nessus	Red Hat Local Security Checks	high
97508	Oracle Linux 7 : qemu-kvm (ELSA-2017-0396)	Nessus	Oracle Linux Local Security Checks	high
97493	Scientific Linux Security Update : qemu-kvm on SL6.x i386/x86_64 (20170301)	Nessus	Scientific Linux Local Security Checks	high
97490	RHEL 6 : qemu-kvm (RHSA-2017:0352)	Nessus	Red Hat Local Security Checks	high
97489	RHEL 6 : qemu-kvm-rhev (RHSA-2017:0351)	Nessus	Red Hat Local Security Checks	high
97488	RHEL 7 : qemu-kvm-rhev (RHSA-2017:0350)	Nessus	Red Hat Local Security Checks	high
97486	OracleVM 3.4 : qemu-kvm (OVMSA-2017-0047)	Nessus	OracleVM Local Security Checks	high
97485	Oracle Linux 6 : qemu-kvm (ELSA-2017-0352)	Nessus	Oracle Linux Local Security Checks	high
97473	Debian DLA-845-1 : qemu security update	Nessus	Debian Local Security Checks	high
97472	CentOS 6 : qemu-kvm (CESA-2017:0352)	Nessus	CentOS Local Security Checks	high
97467	SUSE SLES12 Security Update : xen (SUSE-SU-2017:0582-1)	Nessus	SuSE Local Security Checks	high
97451	Fedora 25 : xen (2017-266ab882cd)	Nessus	Fedora Local Security Checks	high
97439	Debian DLA-842-1 : qemu-kvm security update	Nessus	Debian Local Security Checks	high
97433	SUSE SLED12 / SLES12 Security Update : xen (SUSE-SU-2017:0571-1)	Nessus	SuSE Local Security Checks	high
97432	SUSE SLED12 / SLES12 Security Update : xen (SUSE-SU-2017:0570-1)	Nessus	SuSE Local Security Checks	high
97312	FreeBSD : xen-tools -- cirrus_bitblt_cputovideo does not check if memory region is safe (8cbd9c08-f8b9-11e6-ae1b-002590263bf5)	Nessus	FreeBSD Local Security Checks	high

CVE-2017-2620

Description

References

Details

Risk Information

CVSS v2.0

CVSS v3.0