Search Results | AttackerKB

370 Total Results

Displaying 151-160 of 370

Attacker Value

Unknown

CVE-2016-9603

Disclosure Date: July 27, 2018 (last updated November 08, 2023)

A heap buffer overflow flaw was found in QEMU's Cirrus CLGD 54xx VGA emulator's VNC display driver support before 2.9; the issue could occur when a VNC client attempted to update its display after a VGA operation is performed by a guest. A privileged user/process inside a guest could use this flaw to crash the QEMU process or, potentially, execute arbitrary code on the host with privileges of the QEMU process.

Attacker Value

Unknown

CVE-2017-2620

Disclosure Date: July 27, 2018 (last updated November 08, 2023)

Quick emulator (QEMU) before 2.8 built with the Cirrus CLGD 54xx VGA Emulator support is vulnerable to an out-of-bounds access issue. The issue could occur while copying VGA data in cirrus_bitblt_cputovideo. A privileged user inside guest could use this flaw to crash the QEMU process OR potentially execute arbitrary code on host with privileges of the QEMU process.

Attacker Value

Unknown

CVE-2017-2615

Disclosure Date: July 03, 2018 (last updated November 26, 2024)

Quick emulator (QEMU) built with the Cirrus CLGD 54xx VGA emulator support is vulnerable to an out-of-bounds access issue. It could occur while copying VGA data via bitblt copy in backward mode. A privileged user inside a guest could use this flaw to crash the QEMU process resulting in DoS or potentially execute arbitrary code on the host with privileges of QEMU process on the host.

Attacker Value

Unknown

CVE-2018-3665

Disclosure Date: June 21, 2018 (last updated November 26, 2024)

System software utilizing Lazy FP state restore technique on systems using Intel Core-based microprocessors may potentially allow a local process to infer data from another process through a speculative execution side channel.

Attacker Value