Home

CVE-2017-2633

Description

An out-of-bounds memory access issue was found in Quick Emulator (QEMU) before 1.7.2 in the VNC display driver. This flaw could occur while refreshing the VNC display surface area in the vnc_refresh_server_surface. A user inside a guest could use this flaw to crash the QEMU process.

Risk Information

Base Score
6.5
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
0.558

Associated Vulnerability

VulnerabilityOS Platform
SUSE-SU-2017:1147-1(SUSE Linux Enterprise Desktop 12-SP1 ) xen-4.5.5_10-22.14.1.x86_64.rpmLinux
SUSE-SU-2017:1147-1(SUSE Linux Enterprise Desktop 12-SP1 ) xen-debugsource-4.5.5_10-22.14.1.x86_64.rpmLinux
SUSE-SU-2017:1147-1(SUSE Linux Enterprise Server 12-SP1 ) xen-doc-html-4.5.5_10-22.14.1.x86_64.rpmLinux
SUSE-SU-2017:1147-1(SUSE Linux Enterprise Desktop 12-SP1 ) xen-kmp-default-4.5.5_10_k3.12.69_60.64.35-22.14.1.x86_64.rpmLinux
SUSE-SU-2017:1147-1(SUSE Linux Enterprise Desktop 12-SP1 ) xen-kmp-default-debuginfo-4.5.5_10_k3.12.69_60.64.35-22.14.1.x86_64.rpmLinux
SUSE-SU-2017:1147-1(SUSE Linux Enterprise Desktop 12-SP1 ) xen-libs-4.5.5_10-22.14.1.x86_64.rpmLinux
SUSE-SU-2017:1147-1(SUSE Linux Enterprise Desktop 12-SP1 ) xen-libs-32bit-4.5.5_10-22.14.1.x86_64.rpmLinux
SUSE-SU-2017:1147-1(SUSE Linux Enterprise Desktop 12-SP1 ) xen-libs-debuginfo-4.5.5_10-22.14.1.x86_64.rpmLinux
SUSE-SU-2017:1147-1(SUSE Linux Enterprise Desktop 12-SP1 ) xen-libs-debuginfo-32bit-4.5.5_10-22.14.1.x86_64.rpmLinux
SUSE-SU-2017:1147-1(SUSE Linux Enterprise Server 12-SP1 ) xen-tools-4.5.5_10-22.14.1.x86_64.rpmLinux
SUSE-SU-2017:1147-1(SUSE Linux Enterprise Server 12-SP1 ) xen-tools-debuginfo-4.5.5_10-22.14.1.x86_64.rpmLinux
SUSE-SU-2017:1147-1(SUSE Linux Enterprise Server 12-SP1 ) xen-tools-domU-4.5.5_10-22.14.1.x86_64.rpmLinux
SUSE-SU-2017:1147-1(SUSE Linux Enterprise Server 12-SP1 ) xen-tools-domU-debuginfo-4.5.5_10-22.14.1.x86_64.rpmLinux

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234