Rapid7 Vulnerability & Exploit Database

Alpine Linux: CVE-2017-2615: xen Multiple issues

Free InsightVM Trial No Credit Card Necessary

Watch Demo See how it all works

Back to Search

Alpine Linux: CVE-2017-2615: xen Multiple issues

Severity

CVSS

(AV:N/AC:L/Au:S/C:C/I:C/A:C)

Published

02/23/2017

Created

07/25/2018

Added

08/30/2017

Modified

06/17/2022

Description

Quick emulator (QEMU) built with the Cirrus CLGD 54xx VGA emulator support is vulnerable to an out-of-bounds access issue. It could occur while copying VGA data via bitblt copy in backward mode. A privileged user inside a guest could use this flaw to crash the QEMU process resulting in DoS or potentially execute arbitrary code on the host with privileges of QEMU process on the host.

Solution(s)

alpine-linux-upgrade-xen

References

https://attackerkb.com/topics/cve-2017-2615
6917
6918
6919
95990
CVE - 2017-2615
Category I
2017-B-0024
RHSA-2017:0309
RHSA-2017:0328
RHSA-2017:0329
RHSA-2017:0330
RHSA-2017:0331
RHSA-2017:0332
RHSA-2017:0333
RHSA-2017:0334
RHSA-2017:0344
RHSA-2017:0350
RHSA-2017:0396
RHSA-2017:0454

Advanced vulnerability management analytics and reporting.

Key Features

Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;

Rapid7 Vulnerability & Exploit Database

Alpine Linux: CVE-2017-2615: xen Multiple issues

Alpine Linux: CVE-2017-2615: xen Multiple issues

Description

Solution(s)

References

Success! Thank you for submission. We will be in touch shortly.

Oops! There was a problem in submission. Please try again.

Submit your information and we will get in touch with you.