PublicDateAtUSN: 2017-02-22
Candidate: CVE-2017-2620
PublicDate: 2018-07-27 19:29:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2620
 https://xenbits.xen.org/xsa/advisory-209.html
 https://ubuntu.com/security/notices/USN-3261-1
Description:
 Quick emulator (QEMU) before 2.8 built with the Cirrus CLGD 54xx VGA
 Emulator support is vulnerable to an out-of-bounds access issue. The issue
 could occur while copying VGA data in cirrus_bitblt_cputovideo. A
 privileged user inside guest could use this flaw to crash the QEMU process
 OR potentially execute arbitrary code on host with privileges of the QEMU
 process.
Ubuntu-Description:
Notes:
Bugs:
 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=855791
Priority: medium
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H [9.9 CRITICAL]

Patches_xen:
Tags_xen: universe-binary
upstream_xen: needed
precise_xen: ignored (reached end-of-life)
precise/esm_xen: DNE (precise was needed)
trusty_xen: released (4.4.2-0ubuntu0.14.04.11)
trusty/esm_xen: DNE (trusty was released [4.4.2-0ubuntu0.14.04.11])
vivid/ubuntu-core_xen: DNE
vivid/stable-phone-overlay_xen: DNE
xenial_xen: not-affected (uses system qemu)
esm-infra/xenial_xen: not-affected (uses system qemu)
yakkety_xen: not-affected (uses system qemu)
zesty_xen: not-affected (uses system qemu)
artful_xen: not-affected (uses system qemu)
bionic_xen: not-affected (uses system qemu)
cosmic_xen: not-affected (uses system qemu)
disco_xen: not-affected (uses system qemu)
eoan_xen: not-affected (uses system qemu)
focal_xen: not-affected (uses system qemu)
groovy_xen: not-affected (uses system qemu)
hirsute_xen: not-affected (uses system qemu)
devel_xen: not-affected (uses system qemu)

Patches_qemu-kvm:
upstream_qemu-kvm: needed
precise_qemu-kvm: ignored (reached end-of-life)
precise/esm_qemu-kvm: ignored (end of ESM support, was needed)
trusty_qemu-kvm: DNE
trusty/esm_qemu-kvm: DNE
vivid/ubuntu-core_qemu-kvm: DNE
vivid/stable-phone-overlay_qemu-kvm: DNE
xenial_qemu-kvm: DNE
yakkety_qemu-kvm: DNE
zesty_qemu-kvm: DNE
artful_qemu-kvm: DNE
bionic_qemu-kvm: DNE
cosmic_qemu-kvm: DNE
disco_qemu-kvm: DNE
eoan_qemu-kvm: DNE
focal_qemu-kvm: DNE
groovy_qemu-kvm: DNE
hirsute_qemu-kvm: DNE
devel_qemu-kvm: DNE

Patches_qemu:
 upstream: http://git.qemu-project.org/?p=qemu.git;a=commit;h=92f2b88cea48c6aeba8de568a45f2ed958f3c298
upstream_qemu: needed
precise_qemu: DNE
precise/esm_qemu: DNE
trusty_qemu: released (2.0.0+dfsg-2ubuntu1.33)
trusty/esm_qemu: released (2.0.0+dfsg-2ubuntu1.33)
vivid/ubuntu-core_qemu: DNE
vivid/stable-phone-overlay_qemu: DNE
xenial_qemu: released (1:2.5+dfsg-5ubuntu10.11)
esm-infra/xenial_qemu: released (1:2.5+dfsg-5ubuntu10.11)
yakkety_qemu: released (1:2.6.1+dfsg-0ubuntu5.4)
zesty_qemu: not-affected (1:2.8+dfsg-3ubuntu2)
artful_qemu: not-affected (1:2.8+dfsg-3ubuntu2)
bionic_qemu: not-affected (1:2.8+dfsg-3ubuntu2)
cosmic_qemu: not-affected (1:2.8+dfsg-3ubuntu2)
disco_qemu: not-affected (1:2.8+dfsg-3ubuntu2)
eoan_qemu: not-affected (1:2.8+dfsg-3ubuntu2)
focal_qemu: not-affected (1:2.8+dfsg-3ubuntu2)
groovy_qemu: not-affected (1:2.8+dfsg-3ubuntu2)
hirsute_qemu: not-affected (1:2.8+dfsg-3ubuntu2)
devel_qemu: not-affected (1:2.8+dfsg-3ubuntu2)