vulnerability
Oracle Linux: CVE-2018-7858: ELSA-2018-1416: qemu-kvm security update (MODERATE) (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:A/AC:H/Au:S/C:P/I:P/A:P) | Mar 8, 2018 | May 15, 2018 | Jan 7, 2025 |
Severity
4
CVSS
(AV:A/AC:H/Au:S/C:P/I:P/A:P)
Published
Mar 8, 2018
Added
May 15, 2018
Modified
Jan 7, 2025
Description
Quick Emulator (aka QEMU), when built with the Cirrus CLGD 54xx VGA Emulator support, allows local guest OS privileged users to cause a denial of service (out-of-bounds access and QEMU process crash) by leveraging incorrect region calculation when updating VGA display.
Solution(s)
oracle-linux-upgrade-ivshmem-toolsoracle-linux-upgrade-qemuoracle-linux-upgrade-qemu-block-glusteroracle-linux-upgrade-qemu-block-iscsioracle-linux-upgrade-qemu-block-rbdoracle-linux-upgrade-qemu-commonoracle-linux-upgrade-qemu-guest-agentoracle-linux-upgrade-qemu-imgoracle-linux-upgrade-qemu-kvmoracle-linux-upgrade-qemu-kvm-commonoracle-linux-upgrade-qemu-kvm-coreoracle-linux-upgrade-qemu-kvm-toolsoracle-linux-upgrade-qemu-system-aarch64oracle-linux-upgrade-qemu-system-aarch64-coreoracle-linux-upgrade-qemu-system-x86oracle-linux-upgrade-qemu-system-x86-core
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.