CVE-2018-7858
Description
Quick Emulator (aka QEMU), when built with the Cirrus CLGD 54xx VGA Emulator support, allows local guest OS privileged users to cause a denial of service (out-of-bounds access and QEMU process crash) by leveraging incorrect region calculation when updating VGA display.
Risk Information
Base Score
5.5
MODERATE
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
0.055
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Machine emulator and virtualizer (USN-3649-1) qemu_2.10+dfsg-0ubuntu3.6_amd64.deb | Linux |
| Machine emulator and virtualizer (USN-3649-1) qemu-system_2.10+dfsg-0ubuntu3.6_i386.deb | Linux |
| Machine emulator and virtualizer (USN-3649-1) qemu-system_2.5+dfsg-5ubuntu10.28_i386.deb | Linux |
| Machine emulator and virtualizer (USN-3649-1) qemu-system_2.5+dfsg-5ubuntu10.28_amd64.deb | Linux |
| Qemu-kvm security update (CESA-2018:1660) qemu-img-0.12.1.2-2.506.el6_10.1.x86_64.rpm | Linux |
| Qemu-kvm security update (CESA-2018:1660) qemu-kvm-0.12.1.2-2.506.el6_10.1.x86_64.rpm | Linux |
| Qemu-kvm security update (CESA-2018:1660) qemu-kvm-tools-0.12.1.2-2.506.el6_10.1.x86_64.rpm | Linux |
| Qemu-kvm security update (CESA-2018:1660) qemu-guest-agent-0.12.1.2-2.506.el6_10.1.i686.rpm | Linux |
| Qemu-kvm security update (CESA-2018:1660) qemu-guest-agent-0.12.1.2-2.506.el6_10.1.x86_64.rpm | Linux |
| Qemu-kvm security update (CESA-2018:2162) qemu-img-0.12.1.2-2.506.el6_10.1.x86_64.rpm | Linux |
| Qemu-kvm security update (CESA-2018:2162) qemu-kvm-0.12.1.2-2.506.el6_10.1.x86_64.rpm | Linux |
| Qemu-kvm security update (CESA-2018:2162) qemu-kvm-tools-0.12.1.2-2.506.el6_10.1.x86_64.rpm | Linux |
| Qemu-kvm security update (CESA-2018:2162) qemu-guest-agent-0.12.1.2-2.506.el6_10.1.i686.rpm | Linux |
| Qemu-kvm security update (CESA-2018:2162) qemu-guest-agent-0.12.1.2-2.506.el6_10.1.x86_64.rpm | Linux |
| (RHSA-2018:1416) Moderate: qemu-kvm security update qemu-img-1.5.3-156.el7_5.1.x86_64.rpm | Linux |
| (RHSA-2018:1416) Moderate: qemu-kvm security update qemu-kvm-1.5.3-156.el7_5.1.x86_64.rpm | Linux |
| (RHSA-2018:1416) Moderate: qemu-kvm security update qemu-kvm-common-1.5.3-156.el7_5.1.x86_64.rpm | Linux |
| (RHSA-2018:1416) Moderate: qemu-kvm security update qemu-kvm-tools-1.5.3-156.el7_5.1.x86_64.rpm | Linux |
| (RHSA-2018:2162) Important: qemu-kvm security update qemu-guest-agent-0.12.1.2-2.506.el6_10.1.i686.rpm | Linux |
| (RHSA-2018:2162) Important: qemu-kvm security update qemu-guest-agent-0.12.1.2-2.506.el6_10.1.x86_64.rpm | Linux |
| (RHSA-2018:2162) Important: qemu-kvm security update qemu-img-0.12.1.2-2.506.el6_10.1.x86_64.rpm | Linux |
| (RHSA-2018:2162) Important: qemu-kvm security update qemu-kvm-0.12.1.2-2.506.el6_10.1.x86_64.rpm | Linux |
| (RHSA-2018:2162) Important: qemu-kvm security update qemu-kvm-tools-0.12.1.2-2.506.el6_10.1.x86_64.rpm | Linux |
| Out-of-bounds Read Vulnerability (CVE-2018-7858) | NCM |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234