CVE-2017-8284

Published: 26 April 2017

** DISPUTED ** The disas_insn function in target/i386/translate.c in QEMU before 2.9.0, when TCG mode without hardware acceleration is used, does not limit the instruction size, which allows local users to gain privileges by creating a modified basic block that injects code into a setuid program, as demonstrated by procmail. NOTE: the vendor has stated "this bug does not violate any security guarantees QEMU makes."
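The "does not limit the instruction size" in the description refers to the architectural x86 rule that no instruction may exceed 15 bytes; a CPU raises #GP(0) on a longer one, but a translator that just keeps consuming prefix bytes will happily execute it. The following is an added example, not code from this page or from QEMU: a toy single-byte-opcode decoder that models the prefix loop with the 15-byte guard switched off (the pre-2.9.0 behaviour as the description states it) and on, a builder for the over-long NOP used as constructed input, and a runtime probe that executes such a NOP to tell whether the current environment enforces the limit. Function names, the modelling of the guard as a post-decode length check, and the constructed byte sequences are assumptions of this example; the 15-byte limit itself is the documented architectural value.

```c
/* Added example: model of the x86 15-byte instruction-length guard that the
 * CVE description says QEMU's TCG decoder lacked before 2.9.0.  Not QEMU code;
 * function names and the decode model are this example's own. */
#ifndef _GNU_SOURCE
#define _GNU_SOURCE
#endif
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>
#include <signal.h>
#include <setjmp.h>
#include <sys/mman.h>

#define X86_MAX_INSN_LEN 15   /* architectural limit; a longer instruction raises #GP(0) on real CPUs */

enum decode_result { DECODE_OK, DECODE_TOO_LONG, DECODE_TRUNCATED, DECODE_UNSUPPORTED };

/* Legacy prefixes (groups 1-4).  REX (0x40-0x4F) is handled separately below. */
static int is_legacy_prefix(uint8_t b)
{
    switch (b) {
    case 0xF0: case 0xF2: case 0xF3:              /* LOCK, REPNE, REP */
    case 0x2E: case 0x36: case 0x3E: case 0x26:   /* CS, SS, DS, ES segment overrides */
    case 0x64: case 0x65:                         /* FS, GS segment overrides */
    case 0x66: case 0x67:                         /* operand-size, address-size */
        return 1;
    default:
        return 0;
    }
}

/* Toy decoder for the single-byte opcodes NOP (0x90) and RET (0xC3).
 * enforce_limit == 0: swallow prefixes without bound, as the description says
 * the pre-2.9.0 decoder did.  enforce_limit == 1: reject anything over 15
 * bytes, which is what hardware does.  *len_out receives the decoded length. */
static enum decode_result decode_insn(const uint8_t *buf, size_t n, int is64,
                                      int enforce_limit, size_t *len_out)
{
    size_t i = 0;
    while (i < n && is_legacy_prefix(buf[i]))
        i++;
    if (is64 && i < n && (buf[i] & 0xF0) == 0x40)   /* REX is only a prefix in 64-bit mode */
        i++;
    if (i >= n)
        return DECODE_TRUNCATED;
    if (buf[i] != 0x90 && buf[i] != 0xC3)
        return DECODE_UNSUPPORTED;
    i++;                                             /* the one opcode byte */
    if (len_out)
        *len_out = i;
    if (enforce_limit && i > X86_MAX_INSN_LEN)
        return DECODE_TOO_LONG;                      /* hardware would raise #GP(0) here */
    return DECODE_OK;
}

/* Constructed input: npfx redundant 0x66 prefixes, then NOP, then RET.
 * out must hold npfx + 2 bytes; returns the number of bytes written. */
static size_t build_prefixed_nop(uint8_t *out, size_t npfx)
{
    memset(out, 0x66, npfx);
    out[npfx] = 0x90;
    out[npfx + 1] = 0xC3;
    return npfx + 2;
}

static sigjmp_buf probe_env;
static void probe_handler(int sig) { (void)sig; siglongjmp(probe_env, 1); }

/* Runtime probe: execute a 16-byte NOP (15 prefixes + 0x90) from an RWX page.
 * Returns 1 if it faulted (limit enforced, as on bare metal or with hardware
 * acceleration), 0 if it ran through to RET (no limit enforced), and -1 if the
 * probe could not be set up or the build target is not x86. */
static int probe_insn_length_limit(void)
{
#if defined(__x86_64__) || defined(__i386__)
    uint8_t *code = mmap(NULL, 4096, PROT_READ | PROT_WRITE | PROT_EXEC,
                         MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (code == MAP_FAILED)
        return -1;
    build_prefixed_nop(code, X86_MAX_INSN_LEN);
    struct sigaction sa, old_segv, old_ill;
    memset(&sa, 0, sizeof sa);
    sa.sa_handler = probe_handler;
    sigaction(SIGSEGV, &sa, &old_segv);              /* #GP is delivered as SIGSEGV on Linux */
    sigaction(SIGILL, &sa, &old_ill);
    int faulted = 1;
    if (sigsetjmp(probe_env, 1) == 0) {
        void (*fn)(void);
        memcpy(&fn, &code, sizeof fn);               /* avoid object-to-function pointer cast */
        fn();
        faulted = 0;
    }
    sigaction(SIGSEGV, &old_segv, NULL);
    sigaction(SIGILL, &old_ill, NULL);
    munmap(code, 4096);
    return faulted;
#else
    return -1;
#endif
}

int main(void)
{
    uint8_t buf[32];
    size_t len = 0, n;

    n = build_prefixed_nop(buf, 14);                 /* 15-byte NOP: exactly at the limit, legal */
    printf("14 prefixes, limit on:  %s\n", decode_insn(buf, n, 1, 1, &len) == DECODE_OK ? "accepted" : "rejected");
    n = build_prefixed_nop(buf, 15);                 /* 16-byte NOP: one over the limit */
    printf("15 prefixes, limit off: %s\n", decode_insn(buf, n, 1, 0, &len) == DECODE_OK ? "accepted" : "rejected");
    printf("15 prefixes, limit on:  %s\n", decode_insn(buf, n, 1, 1, &len) == DECODE_TOO_LONG ? "rejected" : "accepted");
    printf("this environment enforces the limit: %d\n", probe_insn_length_limit());
    return 0;
}
```

The probe is the practical check: run it natively and under qemu-user and compare the last line. A 16-byte NOP faults on hardware, so a guest that runs it to completion is executing instructions the real CPU would never accept, which is what makes the "modified basic block" in the description possible. The probe returns -1 rather than guessing when it is built for a non-x86 target or when an executable anonymous mapping is refused.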

Priority: Medium

CVSS 3 base score: 7.0

Status

Package   Release   Status
qemu (Launchpad, Ubuntu, Debian)
          precise   Does not exist
          trusty    Ignored
          upstream  Needs triage
          xenial    Ignored
          yakkety   Ignored
          zesty     Ignored
qemu-kvm (Launchpad, Ubuntu, Debian)
          precise   Ignored
          trusty    Does not exist
          upstream  Needs triage
          xenial    Does not exist
          yakkety   Does not exist
          zesty     Does not exist