{
  "threat_severity" : "Moderate",
  "public_date" : "2017-02-03T00:00:00Z",
  "bugzilla" : {
    "description" : "Qemu: usb: integer overflow in emulated_apdu_from_guest",
    "id" : "1419699",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1419699"
  },
  "cvss" : {
    "cvss_base_score" : "3.8",
    "cvss_scoring_vector" : "AV:A/AC:M/Au:S/C:N/I:P/A:P",
    "status" : "verified"
  },
  "cvss3" : {
    "cvss3_base_score" : "4.0",
    "cvss3_scoring_vector" : "CVSS:3.0/AV:A/AC:H/PR:H/UI:N/S:C/C:N/I:L/A:L",
    "status" : "verified"
  },
  "cwe" : "CWE-190",
  "details" : [ "Integer overflow in the emulated_apdu_from_guest function in usb/dev-smartcard-reader.c in Quick Emulator (Qemu), when built with the CCID Card device emulator support, allows local users to cause a denial of service (application crash) via a large Application Protocol Data Units (APDU) unit.", "An integer overflow flaw was found in Quick Emulator (QEMU) in the CCID Card device support. The flaw could occur while passing messages via command/response packets to and from the host. A privileged user inside a guest could use this flaw to crash the QEMU process." ],
  "acknowledgement" : "Red Hat would like to thank Li Qiang (360.cn Inc.) for reporting this issue.",
  "affected_release" : [ {
    "product_name" : "Red Hat Enterprise Linux 7",
    "release_date" : "2017-08-01T00:00:00Z",
    "advisory" : "RHSA-2017:1856",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7",
    "package" : "qemu-kvm-10:1.5.3-141.el7"
  }, {
    "product_name" : "Red Hat Virtualization 4 for Red Hat Enterprise Linux 7",
    "release_date" : "2017-08-01T00:00:00Z",
    "advisory" : "RHSA-2017:2392",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7::hypervisor",
    "package" : "qemu-kvm-rhev-10:2.9.0-14.el7"
  } ],
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 5",
    "fix_state" : "Not affected",
    "package_name" : "kvm",
    "cpe" : "cpe:/o:redhat:enterprise_linux:5"
  }, {
    "product_name" : "Red Hat Enterprise Linux 5",
    "fix_state" : "Not affected",
    "package_name" : "xen",
    "cpe" : "cpe:/o:redhat:enterprise_linux:5"
  }, {
    "product_name" : "Red Hat Enterprise Linux 6",
    "fix_state" : "Not affected",
    "package_name" : "qemu-kvm",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6"
  }, {
    "product_name" : "Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 6",
    "fix_state" : "Not affected",
    "package_name" : "qemu-kvm-rhev",
    "cpe" : "cpe:/a:redhat:openstack:5::el6"
  }, {
    "product_name" : "Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 7",
    "fix_state" : "Will not fix",
    "package_name" : "qemu-kvm-rhev",
    "cpe" : "cpe:/a:redhat:openstack:5::el7"
  }, {
    "product_name" : "Red Hat Enterprise Linux OpenStack Platform 6 (Juno)",
    "fix_state" : "Not affected",
    "package_name" : "qemu-kvm-rhev",
    "cpe" : "cpe:/a:redhat:openstack:6"
  }, {
    "product_name" : "Red Hat Enterprise Linux OpenStack Platform 7 (Kilo)",
    "fix_state" : "Not affected",
    "package_name" : "qemu-kvm-rhev",
    "cpe" : "cpe:/a:redhat:openstack:7"
  }, {
    "product_name" : "Red Hat OpenStack Platform 10 (Newton)",
    "fix_state" : "Not affected",
    "package_name" : "qemu-kvm-rhev",
    "cpe" : "cpe:/a:redhat:openstack:10"
  }, {
    "product_name" : "Red Hat OpenStack Platform 8 (Liberty)",
    "fix_state" : "Not affected",
    "package_name" : "qemu-kvm-rhev",
    "cpe" : "cpe:/a:redhat:openstack:8"
  }, {
    "product_name" : "Red Hat OpenStack Platform 9 (Mitaka)",
    "fix_state" : "Not affected",
    "package_name" : "qemu-kvm-rhev",
    "cpe" : "cpe:/a:redhat:openstack:9"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2017-5898\nhttps://nvd.nist.gov/vuln/detail/CVE-2017-5898" ],
  "name" : "CVE-2017-5898",
  "csaw" : false
}