Vulnerability Details : CVE-2008-4539
Potential exploit
Heap-based buffer overflow in the Cirrus VGA implementation in (1) KVM before kvm-82 and (2) QEMU on Debian GNU/Linux and Ubuntu might allow local users to gain privileges by using the VNC console for a connection, aka the LGD-54XX "bitblt" heap overflow. NOTE: this issue exists because of an incorrect fix for CVE-2007-1320.
Vulnerability category: Overflow
Products affected by CVE-2008-4539
- cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:8.10:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*
- cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*
- cpe:2.3:a:kvm_qumranet:kvm:*:*:*:*:*:*:*:*
Threat overview for CVE-2008-4539
Top open port discovered on systems with this issue: 5555
IPs affected by CVE-2008-4539: 121
Threat actors abusing this issue? Yes
Exploit prediction scoring system (EPSS) score for CVE-2008-4539
0.12%: probability of exploitation activity in the next 30 days
~28%: percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2008-4539
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.2 | HIGH | AV:L/AC:L/Au:N/C:C/I:C/A:C | 3.9 | 10.0 | NIST | |
CWE ids for CVE-2008-4539
- The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
  Assigned by: nvd@nist.gov (Primary)
References for CVE-2008-4539
- http://git.kernel.dk/?p=qemu.git%3Ba=commitdiff%3Bh=65d35a09979e63541afc5bfc595b9f1b1b4ae069
  git.kernel.dk Git
- https://bugzilla.redhat.com/show_bug.cgi?id=237342
  237342 – (CVE-2007-1320) CVE-2007-1320 xen/qemu Cirrus LGD-54XX "bitblt" Heap Overflow [Issue Tracking; Third Party Advisory]
- http://secunia.com/advisories/29129
  About Secunia Research | Flexera [Third Party Advisory]
- https://bugzilla.redhat.com/show_bug.cgi?id=448525
  448525 – CVE-2007-1320 xen/qemu Cirrus LGD-54XX "bitblt" Heap Overflow [Fedora 9] [Issue Tracking; Third Party Advisory]
- http://www.mail-archive.com/cvs-all%40freebsd.org/msg129730.html
  cvs commit: ports/emulators/qemu Makefile ports/emulators/qemu/files patch-CVE-2008-4539 ports/emulators/qemu-devel Makefile ports/emulators/qemu-devel/files patch-CVE-2008-4539
- http://www.mail-archive.com/secure-testing-commits%40lists.alioth.debian.org/msg09322.html
  [Secure-testing-commits] r10251 - data/CVE
- http://secunia.com/advisories/33350
  About Secunia Research | Flexera [Third Party Advisory]
- http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00003.html
  [security-announce] SUSE Security Summary Report: SUSE-SR:2009:008 - openSUSE Security Announce - openSUSE Mailing Lists [Mailing List; Third Party Advisory]
- https://launchpad.net/ubuntu/jaunty/+source/qemu/0.9.1+svn20081112-1ubuntu1
  0.9.1+svn20081112-1ubuntu1 : qemu package : Ubuntu [Third Party Advisory]
- http://groups.google.com/group/linux.debian.changes.devel/msg/9e0dc008572f2867?dmode=source
  Accepted qemu 0.9.1+svn20081101-1 (source amd64) [Third Party Advisory]
- http://secunia.com/advisories/25073
  About Secunia Research | Flexera [Third Party Advisory]
- http://secunia.com/advisories/35062
  About Secunia Research | Flexera [Third Party Advisory]
- http://secunia.com/advisories/34642
  About Secunia Research | Flexera [Third Party Advisory]
- https://www.redhat.com/archives/fedora-package-announce/2008-December/msg01223.html
  [SECURITY] Fedora 9 Update: kvm-65-15.fc9 [Third Party Advisory]
- http://secunia.com/advisories/35031
  About Secunia Research | Flexera [Third Party Advisory]
- http://www.mail-archive.com/secure-testing-commits@lists.alioth.debian.org/msg09322.html
  [Third Party Advisory]
- http://svn.savannah.gnu.org/viewvc/?view=rev&root=qemu&revision=5587
  [qemu] Revision 5587 [Third Party Advisory]
- http://www.debian.org/security/2009/dsa-1799
  [SECURITY] [DSA 1799-1] New qemu packages fix several vulnerabilities [Third Party Advisory]
- http://git.kernel.dk/?p=qemu.git;a=commitdiff;h=65d35a09979e63541afc5bfc595b9f1b1b4ae069
  [Exploit; Third Party Advisory]
- http://www.mail-archive.com/cvs-all@freebsd.org/msg129730.html
  [Third Party Advisory]
- https://bugzilla.redhat.com/show_bug.cgi?id=466890
  466890 – (CVE-2008-4539) CVE-2008-4539 kvm/qemu/xen: Incomplete upstream fix for CVE-2007-1320 [Issue Tracking; Third Party Advisory]
- https://exchange.xforce.ibmcloud.com/vulnerabilities/47736
  QEMU and KVM Cirrus VGA buffer overflow CVE-2008-4539 Vulnerability Report [Third Party Advisory; VDB Entry]
- http://www.ubuntu.com/usn/usn-776-1
  USN-776-1: KVM vulnerabilities | Ubuntu security notices | Ubuntu [Third Party Advisory]