Qemu 远程代码执行漏洞(CVE-2017-2620)

漏洞描述

QEMU是一款开源模拟器软件。

QEMU在实现上存在越界访问漏洞，在cirrus_bitblt_cputovideo中复制VGA数据时会触发此漏洞，导致QEMU进程崩溃或执行任意代码。

解决方法

以下是各Linux/Unix发行版系统针对此漏洞发布的安全公告，可以参考对应系统的安全公告修复该漏洞:

Ubuntu

----------------

USN-3261-1: [USN-3261-1] QEMU vulnerabilities

链接: https://www.ubuntu.com/usn/usn-3261-1

Red Hat Enterprise Linux

----------------

链接: https://access.redhat.com/security/cve/CVE-2017-2620

CentOS

----------------

CESA-2017:0352: CESA-2017:0352 Important CentOS 6 qemu-kvm Security Update

链接: https://lists.centos.org/pipermail/centos-announce/2017-March/022294.html

CESA-2017:0396: CESA-2017:0396 Important CentOS 7 qemu-kvm Security Update

链接: https://lists.centos.org/pipermail/centos-announce/2017-March/022321.html

CESA-2017:0454: CESA-2017:0454 Important CentOS 5 kvm Security Update

链接: https://lists.centos.org/pipermail/centos-announce/2017-March/022325.html

Gentoo

----------------

GLSA-201704-01: QEMU: Multiple vulnerabilities

链接: https://security.gentoo.org/glsa/201704-01

GLSA-201703-07: Xen: Privilege Escalation

链接: https://security.gentoo.org/glsa/201703-07

FreeBSD

----------------

8cbd9c08-f8b9-11e6-ae1b-002590263bf5: xen-tools -- cirrus_bitblt_cputovideo does not check if memory region is safe

链接: http://vuxml.freebsd.org/freebsd/8cbd9c08-f8b9-11e6-ae1b-002590263bf5.html

openSUSE

----------------

openSUSE-SU-2017:0707-1: openSUSE Security Update: Security update for qemu

链接: https://lists.opensuse.org/opensuse-security-announce/2017-03/msg00011.html

openSUSE-SU-2017:0665-1: openSUSE Security Update: Security update for xen

链接: https://lists.opensuse.org/opensuse-security-announce/2017-03/msg00008.html

openSUSE-SU-2017:1312-1: openSUSE Security Update: Security update for qemu

链接: https://lists.opensuse.org/opensuse-updates/2017-05/msg00058.html

SUSE

----------------

链接: https://www.suse.com/security/cve/CVE-2017-2620/

Fedora

----------------

FEDORA-2017-62ac1230f7: Fedora 24 Update: qemu-2.6.2-7.fc24

链接: https://lists.fedoraproject.org/archives/list/pac[email protected]/thread/X3M6HH35GUTRSIKPUWQYKAFUOT25GJXE/

FEDORA-2017-31b976672b: Fedora 25 Update: qemu-2.7.1-4.fc25

链接: https://lists.fedoraproject.org/archives/list/[email protected]/thread/MYFUMFAMU5GEQUVDAYGEUWAHFPUP2DN6/

FEDORA-2017-1607a3a78e: Fedora 24 Update: xen-4.6.4-8.fc24

链接: https://lists.fedoraproject.org/archives/list/[email protected]/thread/OIGV7IRUPTCLPEQ62PZGHOY6IVIGG4IS/

FEDORA-2017-266ab882cd: Fedora 25 Update: xen-4.7.1-9.fc25

链接: https://lists.fedoraproject.org/archives/list/[email protected]/thread/JCEEPYGCOQ2S5SJYWOMZQDTBZ6RFLXUX/

Oracle Linux

----------------

链接: https://linux.oracle.com/cve/CVE-2017-2620.html

EulerOS

----------------

链接: http://developer.huawei.com/ict/cn/site-euleros/euleros/cve/CVE-2017-2620

原文地址：https://www.cnblogs.com/mrhonest/p/10910499.html