VYPR
High severity8.8NVD Advisory· Published Mar 27, 2017· Updated Jun 17, 2026

CVE-2017-5931

CVE-2017-5931

Description

Integer overflow in hw/virtio/virtio-crypto.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (QEMU process crash) or possibly execute arbitrary code on the host via a crafted virtio-crypto request, which triggers a heap-based buffer overflow.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • QEMU/Qemu2 versions
    cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*range: <=2.8.1.1
    • (no CPE)

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.