A heap buffer overflow flaw was found in QEMU's Cirrus CLGD 54xx VGA emulator's VNC display driver support before 2.9; the issue could occur when a VNC client attempted to update its display after a VGA operation is performed by a guest. A privileged user/process inside a guest could use this flaw to crash the QEMU process or, potentially, execute arbitrary code on the host with privileges of the QEMU process.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: redhat
Published: 2018-07-27T21:00:00
Updated: 2024-08-06T02:59:02.448Z
Reserved: 2016-11-23T00:00:00
Link: CVE-2016-9603
Vulnrichment
No data.
NVD
Status : Modified
Published: 2018-07-27T21:29:00.290
Modified: 2023-11-07T02:37:15.190
Link: CVE-2016-9603
Redhat