CyberSec.Space Logo
Back to CVE Browser

CVE-2017-16845

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1200%
EPSS Percentile16.08th
PublishedNov 17, 2017
Last ModifiedMay 13, 2026

Vulnerability Description

hw/input/ps2.c in Qemu does not validate 'rptr' and 'count' values during guest migration, leading to out-of-bounds access.

Affected Platforms (CPE)

πŸ“¦
Qemu

Qemu

<= 2.11.2
πŸ’»
Debian

Debian Linux

= 8.0
πŸ’»
Debian

Debian Linux

= 9.0
πŸ’»
Canonical

Ubuntu Linux

= 14.04
πŸ’»
Canonical

Ubuntu Linux

= 16.04
πŸ’»
Canonical

Ubuntu Linux

= 17.10
πŸ’»
Canonical

Ubuntu Linux

= 18.04

References & Advisories

πŸ”— http://www.securityfocus.com/bid/101923
πŸ”— https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html
πŸ”— https://lists.gnu.org/archive/html/qemu-devel/2017-11/msg02982.html
πŸ”— https://usn.ubuntu.com/3575-1/
πŸ”— https://usn.ubuntu.com/3649-1/
πŸ”— https://www.debian.org/security/2018/dsa-4213
πŸ”— http://www.securityfocus.com/bid/101923
πŸ”— https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html

Related Vulnerabilities

CVE-2015-855610.0

Local privilege escalation vulnerability in the Gentoo QEMU package before 2.5.0-r1.

CVE-2021-218929.9

A stack-based buffer overflow vulnerability exists in the Web Manager FsUnmount functionality of Lantronix PremierWave 2050 8.9.0....

CVE-2020-61009.9

An exploitable memory corruption vulnerability exists in AMD atidxx64.dll 26.20.15019.19000 graphics driver. A specially crafted p...

CVE-2021-218899.9

A stack-based buffer overflow vulnerability exists in the Web Manager Ping functionality of Lantronix PremierWave 2050 8.9.0.0R4 (...