CVE-2018-7858

medium

Description

Quick Emulator (aka QEMU), when built with the Cirrus CLGD 54xx VGA Emulator support, allows local guest OS privileged users to cause a denial of service (out-of-bounds access and QEMU process crash) by leveraging incorrect region calculation when updating VGA display.

References

http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00042.html

http://www.openwall.com/lists/oss-security/2018/03/09/1

http://www.securityfocus.com/bid/103350

https://access.redhat.com/errata/RHSA-2018:1369

https://access.redhat.com/errata/RHSA-2018:1416

https://access.redhat.com/errata/RHSA-2018:2162

https://bugzilla.redhat.com/show_bug.cgi?id=1553402

https://lists.nongnu.org/archive/html/qemu-devel/2018-03/msg02174.html

https://usn.ubuntu.com/3649-1/

Details

Source: MITRE

Published: 2018-03-12

Updated: 2020-11-10

Type: CWE-125

Risk Information

CVSS v2

Base Score: 2.1

Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P

Impact Score: 2.9

Exploitability Score: 3.9

Severity: LOW

CVSS v3

Base Score: 5.5

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Impact Score: 3.6

Exploitability Score: 1.8

Severity: MEDIUM

Tenable Plugins

View all (23 total)

| ID | Name | Product | Family | Severity |
|---|---|---|---|---|
| 136276 | EulerOS Virtualization for ARM 64 3.0.2.0 : qemu-kvm (EulerOS-SA-2020-1573) | Nessus | Huawei Local Security Checks | critical |
| 135154 | EulerOS Virtualization for ARM 64 3.0.6.0 : qemu-kvm (EulerOS-SA-2020-1367) | Nessus | Huawei Local Security Checks | high |
| 127389 | NewStart CGSL MAIN 4.05 : qemu-kvm Multiple Vulnerabilities (NS-SA-2019-0133) | Nessus | NewStart CGSL Local Security Checks | medium |
| 123493 | openSUSE Security Update : qemu (openSUSE-2019-1074) | Nessus | SuSE Local Security Checks | high |
| 122776 | SUSE SLED12 / SLES12 Security Update : qemu (SUSE-SU-2019:0582-1) | Nessus | SuSE Local Security Checks | high |
| 122471 | SUSE SLES12 Security Update : qemu (SUSE-SU-2019:0489-1) | Nessus | SuSE Local Security Checks | high |
| 121067 | Juniper Junos Space < 18.3R1 Multiple Vulnerabilities (JSA10917) | Nessus | Junos Local Security Checks | high |
| 111076 | CentOS 6 : qemu-kvm (CESA-2018:2162) (Spectre) | Nessus | CentOS Local Security Checks | medium |
| 111023 | OracleVM 3.4 : qemu-kvm (OVMSA-2018-0238) (Spectre) | Nessus | OracleVM Local Security Checks | critical |
| 111003 | Scientific Linux Security Update : qemu-kvm on SL6.x i386/x86_64 (20180710) (Spectre) | Nessus | Scientific Linux Local Security Checks | medium |
| 111000 | RHEL 6 : qemu-kvm (RHSA-2018:2162) (Spectre) | Nessus | Red Hat Local Security Checks | medium |
| 110995 | Oracle Linux 6 : qemu-kvm (ELSA-2018-2162) (Spectre) | Nessus | Oracle Linux Local Security Checks | medium |
| 110865 | EulerOS 2.0 SP3 : qemu-kvm (EulerOS-SA-2018-1201) | Nessus | Huawei Local Security Checks | high |
| 110457 | Amazon Linux AMI : qemu-kvm (ALAS-2018-1034) (Spectre) | Nessus | Amazon Linux Local Security Checks | high |
| 110451 | Amazon Linux 2 : qemu-kvm (ALAS-2018-1034) (Spectre) | Nessus | Amazon Linux Local Security Checks | high |
| 110249 | CentOS 7 : qemu-kvm (CESA-2018:1416) | Nessus | CentOS Local Security Checks | medium |
| 110149 | EulerOS 2.0 SP2 : qemu-kvm (EulerOS-SA-2018-1145) | Nessus | Huawei Local Security Checks | medium |
| 110148 | EulerOS 2.0 SP1 : qemu-kvm (EulerOS-SA-2018-1144) | Nessus | Huawei Local Security Checks | high |
| 109894 | Ubuntu 14.04 LTS / 16.04 LTS / 17.10 / 18.04 LTS : QEMU vulnerabilities (USN-3649-1) | Nessus | Ubuntu Local Security Checks | critical |
| 109854 | Scientific Linux Security Update : qemu-kvm on SL7.x x86_64 (20180515) | Nessus | Scientific Linux Local Security Checks | medium |
| 109836 | RHEL 7 : qemu-kvm (RHSA-2018:1416) | Nessus | Red Hat Local Security Checks | medium |
| 109811 | Oracle Linux 7 : qemu-kvm (ELSA-2018-1416) | Nessus | Oracle Linux Local Security Checks | medium |
| 109755 | RHEL 7 : qemu-kvm-rhev (RHSA-2018:1369) | Nessus | Red Hat Local Security Checks | high |