ID CVE-2017-17381
Summary The Virtio Vring implementation in QEMU allows local OS guest users to cause a denial of service (divide-by-zero error and QEMU process crash) by unsetting vring alignment while updating Virtio rings.
References
Vulnerable Configurations
  • QEMU
    cpe:2.3:a:qemu:qemu
CVSS
Base: 2.1
Impact:
Exploitability:
CWE CWE-369
CAPEC
refmap via4
bid 102059
mlist
  • [oss-security] 20171205 CVE-2017-17381 Qemu: virtio: divide by zero exception while updating rings
  • [qemu-devel] 20171201 [PULL 6/7] virtio: check VirtQueue Vring object is set
Last major update 06-12-2017 - 21:29
Published 06-12-2017 - 21:29
Last modified 22-12-2017 - 13:12
Back to Top