Lucene search

K

GoogleOSV:CVE-2017-14167

HistorySep 08, 2017 - 6:29 p.m.

CVE-2017-14167

2017-09-0818:29:00

Google

osv.dev

4

7.4 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

28.1%

Integer overflow in the load_multiboot function in hw/i386/multiboot.c in QEMU (aka Quick Emulator) allows local guest OS users to execute arbitrary code on the host via crafted multiboot header address values, which trigger an out-of-bounds write.

CPENameOperatorVersion
qemueq2.8.0-rc4
qemueq2.10.0-rc0
qemueq2.9.0-rc0
qemueq2.3.0-rc3
qemueq1.1-rc1
qemueq1.5.0-rc0
qemueq0.5.0
qemueq2.4.0-rc0
qemueq0.1.4
qemueq2.10.2

Rows per page:

1-10 of 1311

References

www.debian.org/security/2017/dsa-3991

www.openwall.com/lists/oss-security/2017/09/07/2

www.securityfocus.com/bid/100694

access.redhat.com/errata/RHSA-2017:3368

access.redhat.com/errata/RHSA-2017:3369

access.redhat.com/errata/RHSA-2017:3466

access.redhat.com/errata/RHSA-2017:3470

access.redhat.com/errata/RHSA-2017:3471

access.redhat.com/errata/RHSA-2017:3472

access.redhat.com/errata/RHSA-2017:3473

access.redhat.com/errata/RHSA-2017:3474

lists.debian.org/debian-lts-announce/2018/09/msg00007.html

lists.nongnu.org/archive/html/qemu-devel/2017-09/msg01032.html

usn.ubuntu.com/3575-1/

7.4 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

28.1%

Related for OSV:CVE-2017-14167

cve1 cbl_mariner1 cvelist1 nvd1 redhatcve1 prion1 debiancve1 ubuntucve1 openvas21 nessus32 redhat8 debian4 amazon1 centos1 osv4 oraclelinux7 fedora1 suse8 ubuntu2