Quick emulator(Qemu) built with the Cirrus CLGD 54xx VGA Emulator support is vulnerable to an out-of-bounds write access issues. It could occur while writing to VGA memory via mode4and5 write functions. A privileged user inside guest could use this flaw to crash the Qemu process resulting in DoS. Upstream patch: --------------- -> https://lists.gnu.org/archive/html/qemu-devel/2017-10/msg02557.html Reference: ---------- -> http://www.openwall.com/lists/oss-security/2017/10/12/16
Acknowledgments: Name: Guoxiang Niu (Huawei.com)
This issue has been addressed in the following products: RHEV 4.X RHEV-H and Agents for RHEL-7 Via RHSA-2017:3369 https://access.redhat.com/errata/RHSA-2017:3369
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2017:3368 https://access.redhat.com/errata/RHSA-2017:3368
This issue has been addressed in the following products: Red Hat OpenStack Platform 8.0 (Liberty) Via RHSA-2017:3471 https://access.redhat.com/errata/RHSA-2017:3471
This issue has been addressed in the following products: Red Hat OpenStack Platform 9.0 (Mitaka) Via RHSA-2017:3470 https://access.redhat.com/errata/RHSA-2017:3470
This issue has been addressed in the following products: Red Hat OpenStack Platform 11.0 (Ocata) Via RHSA-2017:3466 https://access.redhat.com/errata/RHSA-2017:3466
This issue has been addressed in the following products: Red Hat OpenStack Platform 10.0 (Newton) Via RHSA-2017:3474 https://access.redhat.com/errata/RHSA-2017:3474
This issue has been addressed in the following products: Red Hat Enterprise Linux OpenStack Platform 7.0 (Kilo) for RHEL 7 Via RHSA-2017:3472 https://access.redhat.com/errata/RHSA-2017:3472
This issue has been addressed in the following products: Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7 Via RHSA-2017:3473 https://access.redhat.com/errata/RHSA-2017:3473
This issue has been addressed in the following products: Red Hat Enterprise Linux 6 Via RHSA-2018:0516 https://access.redhat.com/errata/RHSA-2018:0516