Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2017-5931

Integer overflow in hw/virtio/virtio-crypto.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (QEMU process crash) or possibly execute arbitrary code on the host via a crafted virtio-crypto request, which triggers a heap-based buffer overflow.

See the

CVE page on Mitre.org for more details.

References

MISC: http://www.securityfoc...
MISC: https://security.gento...
MISC: http://www.openwall.co...
MISC: https://lists.nongnu.o...
MISC: http://git.qemu-projec...
MISC: https://bugzilla.redha...

Launchpad.net

CVE 2017-5931

Related bugs

References