CVE-2017-5931 — Integer Overflow or Wraparound in Qemu

CWE-190 — Integer Overflow or Wraparound7 documents7 sources

Severity

8.8HIGHNVD

EPSS

0.2%

top 55.24%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Qemu Debian Qemu Msrc CBL Mariner 1.0 ARM +2 more

Timeline

PublishedMar 27

Latest updateMay 13

Description

Integer overflow in hw/virtio/virtio-crypto.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (QEMU process crash) or possibly execute arbitrary code on the host via a crafted virtio-crypto request, which triggers a heap-based buffer overflow.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:HExploitability: 2.0 | Impact: 6.0

Affected Packages6 packages

▶debiandebian/qemu< qemu 1:2.8+dfsg-3 (bookworm)

▶Debianqemu/qemu< 1:2.8+dfsg-3+3

▶NVDqemu/qemu2.8.1.1

▶msrcmsrc/cm1_qemu-kvm_4.2.0-13_on_cbl_mariner_1.0

▶msrcmsrc/cbl_mariner_1.0_arm

Patches

Patch: www.openwall.com ↗Patch: bugzilla.redhat.com ↗Patch: lists.nongnu.org ↗

🔴Vulnerability Details

GHSA

GHSA-4w9r-63g7-xmfj: Integer overflow in hw/virtio/virtio-crypto↗2022-05-13

▶

OSV

CVE-2017-5931: Integer overflow in hw/virtio/virtio-crypto↗2017-03-27

▶

📋Vendor Advisories

Microsoft

▶

Red Hat

Qemu: virtio: integer overflow in handling virtio-crypto requests↗2017-01-10

▶

Debian

CVE-2017-5931: qemu - Integer overflow in hw/virtio/virtio-crypto.c in QEMU (aka Quick Emulator) allow...↗2017

▶

💬Community

Bugzilla

CVE-2017-5931 Qemu: virtio: integer overflow in handling virtio-crypto requests↗2017-02-07

▶