cpe:/a:qemu:qemu CVE-2017-11334 2017-08-02T15:29:00.710-04:00 2018-03-15T21:29:03.513-04:00 2.1 LOCAL LOW NONE NONE NONE PARTIAL http://nvd.nist.gov BID 99895 DEBIAN DSA-3925 REDHAT RHSA-2017:3369 REDHAT RHSA-2017:3466 REDHAT RHSA-2017:3470 REDHAT RHSA-2017:3471 REDHAT RHSA-2017:3472 REDHAT RHSA-2017:3473 REDHAT RHSA-2017:3474 UBUNTU USN-3575-1 MLIST [oss-security] 20170717 CVE-2017-11334 Qemu: exec: oob access during dma operation MLIST [qemu-devel] 20170713 [PULL 21/41] exec: use qemu_ram_ptr_length to access guest ram CONFIRM https://bugzilla.redhat.com/show_bug.cgi?id=1471638 The address_space_write_continue function in exec.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (out-of-bounds access and guest instance crash) by leveraging use of qemu_map_ram_ptr to access guest ram block area.