vulnerability
Amazon Linux AMI: CVE-2018-7858: Security patch for qemu-kvm (ALAS-2018-1034)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 2 | (AV:L/AC:L/Au:N/C:N/I:N/A:P) | Mar 12, 2018 | Jun 12, 2018 | Jul 17, 2021 |
Severity
2
CVSS
(AV:L/AC:L/Au:N/C:N/I:N/A:P)
Published
Mar 12, 2018
Added
Jun 12, 2018
Modified
Jul 17, 2021
Description
Quick Emulator (aka QEMU), when built with the Cirrus CLGD 54xx VGA Emulator support, allows local guest OS privileged users to cause a denial of service (out-of-bounds access and QEMU process crash) by leveraging incorrect region calculation when updating VGA display.
Solution
amazon-linux-upgrade-qemu-kvm
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.