CVE-2017-13673

{"id": "CVE-2017-13673", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P", "authentication": "SINGLE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 2.8}]}, "published": "2017-08-29T16:29:00.277", "references": [{"url": "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00042.html", "source": "cve@mitre.org"}, {"url": "http://www.openwall.com/lists/oss-security/2017/09/10/1", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/100527", "tags": ["Third Party Advisory", "VDB Entry"], "source": "cve@mitre.org"}, {"url": "https://access.redhat.com/errata/RHSA-2018:1104", "source": "cve@mitre.org"}, {"url": "https://access.redhat.com/errata/RHSA-2018:1113", "source": "cve@mitre.org"}, {"url": "https://git.qemu.org/gitweb.cgi?p=qemu.git%3Ba=commit%3Bh=bfc56535f793c557aa754c50213fc5f882e6482d", "source": "cve@mitre.org"}, {"url": "https://lists.gnu.org/archive/html/qemu-devel/2017-08/msg04685.html", "tags": ["Mailing List", "Patch", "Third Party Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-617"}]}], "descriptions": [{"lang": "en", "value": "The vga display update in mis-calculated the region for the dirty bitmap snapshot in case split screen mode is used causing a denial of service (assertion failure) in the cpu_physical_memory_snapshot_get_dirty function."}, {"lang": "es", "value": "La actualizaci\u00f3n de la pantalla VGA en la regi\u00f3n calculada inapropiadamente para la instant\u00e1nea dirty bitmap en el caso de que el modo pantalla dividida sea usado, lo que provoca una denegaci\u00f3n de servicio (fallo de aserci\u00f3n) en la funci\u00f3n cpu_physical_memory_snapshot_get_dirty."}], "lastModified": "2023-11-07T02:38:41.190", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:qemu:qemu:2.8.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "242C3AA9-F5FC-4D25-9F96-1DEC709AA9C7"}, {"criteria": "cpe:2.3:a:qemu:qemu:2.9.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DC2FC474-181C-4022-8A7E-AEEE4DDAE6A8"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}