Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
debianDebianDEBIAN:DSA-3991-1:00D79
HistoryOct 03, 2017 - 9:33 p.m.

[SECURITY] [DSA 3991-1] qemu security update

2017-10-0321:33:35
lists.debian.org
20

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.015 Low

EPSS

Percentile

86.8%

JSON

Debian Security Advisory DSA-3991-1 [email protected]
https://www.debian.org/security/ Moritz Muehlenhoff
October 03, 2017 https://www.debian.org/security/faq

Package : qemu
CVE ID : CVE-2017-9375 CVE-2017-12809 CVE-2017-13672 CVE-2017-13711
CVE-2017-14167

Multiple vulnerabilities were found in in qemu, a fast processor emulator:

CVE-2017-9375

Denial of service via memory leak in USB XHCI emulation.

CVE-2017-12809

Denial of service in the CDROM device drive emulation.

CVE-2017-13672

Denial of service in VGA display emulation.

CVE-2017-13711

Denial of service in SLIRP networking support.

CVE-2017-14167

Incorrect validation of multiboot headers could result in the
execution of arbitrary code.

For the stable distribution (stretch), these problems have been fixed in
version 1:2.8+dfsg-6+deb9u3.

We recommend that you upgrade your qemu packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: [email protected]

OSVersionArchitecturePackageVersionFilename
Debian9amd64qemu-guest-agent-dbgsym< 1:2.8+dfsg-6+deb9u3qemu-guest-agent-dbgsym_1:2.8+dfsg-6+deb9u3_amd64.deb
Debian9armhfqemu-system-arm-dbgsym< 1:2.8+dfsg-6+deb9u3qemu-system-arm-dbgsym_1:2.8+dfsg-6+deb9u3_armhf.deb
Debian9ppc64elqemu-system-mips< 1:2.8+dfsg-6+deb9u3qemu-system-mips_1:2.8+dfsg-6+deb9u3_ppc64el.deb
Debian9ppc64elqemu-system-misc< 1:2.8+dfsg-6+deb9u3qemu-system-misc_1:2.8+dfsg-6+deb9u3_ppc64el.deb
Debian9i386qemu-system-mips< 1:2.8+dfsg-6+deb9u3qemu-system-mips_1:2.8+dfsg-6+deb9u3_i386.deb
Debian9mipselqemu-system-x86< 1:2.8+dfsg-6+deb9u3qemu-system-x86_1:2.8+dfsg-6+deb9u3_mipsel.deb
Debian9s390xqemu-guest-agent< 1:2.8+dfsg-6+deb9u3qemu-guest-agent_1:2.8+dfsg-6+deb9u3_s390x.deb
Debian9arm64qemu-system-arm-dbgsym< 1:2.8+dfsg-6+deb9u3qemu-system-arm-dbgsym_1:2.8+dfsg-6+deb9u3_arm64.deb
Debian9i386qemu-system-arm-dbgsym< 1:2.8+dfsg-6+deb9u3qemu-system-arm-dbgsym_1:2.8+dfsg-6+deb9u3_i386.deb
Debian9arm64qemu-user-binfmt< 1:2.8+dfsg-6+deb9u3qemu-user-binfmt_1:2.8+dfsg-6+deb9u3_arm64.deb
Rows per page:
1-10 of 2501

Related

openvas 43
osv 9
nessus 67
suse 12
fedora 4
cve 5
prion 5
redhatcve 4
ubuntucve 5
debiancve 5
centos 3
oraclelinux 7
veracode 3
redhat 12
cbl_mariner 1
f5 1
virtuozzo 1
amazon 3
debian 4
ubuntu 4
gentoo 1
openvas
openvas
Debian: Security Advisory (DSA-3991-1)
2017-10-02 00:00:00
SUSE: Security Advisory (SUSE-SU-2017:2924-1)
2021-04-19 00:00:00
openSUSE: Security Advisory for qemu (openSUSE-SU-2017:2938-1)
2017-11-07 00:00:00
osv
osv
qemu - security update
2017-10-03 00:00:00
CVE-2017-12809
2017-08-23 16:29:00
CVE-2017-13711
2017-09-01 13:29:00
nessus
nessus
Debian DSA-3991-1 : qemu - security update
2017-10-04 00:00:00
SUSE SLED12 / SLES12 Security Update : qemu (SUSE-SU-2017:2924-1)
2017-11-03 00:00:00
openSUSE Security Update : qemu (openSUSE-2017-1248)
2017-11-07 00:00:00
suse
suse
Security update for qemu (important)
2017-11-03 00:08:15
Security update for qemu (important)
2017-11-07 06:09:17
Security update for qemu (important)
2017-11-07 06:12:01
fedora
fedora
[SECURITY] Fedora 26 Update: qemu-2.9.1-2.fc26
2017-11-07 22:20:31
[SECURITY] Fedora 27 Update: xen-4.9.0-11.fc27
2017-10-10 19:33:06
[SECURITY] Fedora 25 Update: xen-4.7.3-7.fc25
2017-11-01 16:45:54
cve
cve
CVE-2017-12809
2017-08-23 16:29:00
CVE-2017-9375
2017-06-16 22:29:00
CVE-2017-13711
2017-09-01 13:29:00
prion
prion
Null pointer dereference
2017-08-23 16:29:00
Buffer overflow
2017-06-16 22:29:00
Design/Logic Flaw
2017-09-01 13:29:00
redhatcve
redhatcve
CVE-2017-12809
2017-08-21 11:18:41
CVE-2017-13711
2020-04-05 16:53:34
CVE-2017-13672
2017-08-30 07:48:26
ubuntucve
ubuntucve
CVE-2017-12809
2017-08-23 00:00:00
CVE-2017-9375
2017-06-16 00:00:00
CVE-2017-13711
2017-09-01 00:00:00
debiancve
debiancve
CVE-2017-12809
2017-08-23 16:29:00
CVE-2017-13711
2017-09-01 13:29:00
CVE-2017-9375
2017-06-16 22:29:00
centos
centos
qemu security update
2018-04-26 17:50:14
qemu security update
2017-12-06 13:15:27
qemu security update
2018-07-13 16:56:49
oraclelinux
oraclelinux
qemu-kvm security, bug fix, and enhancement update
2018-04-16 00:00:00
qemu-kvm security update
2017-11-30 00:00:00
qemu security update
2018-11-20 00:00:00
veracode
veracode
Denial Of Service (DoS)
2019-05-16 02:53:04
Denial Of Service (DoS)
2019-05-02 06:36:25
Denial Of Service (DoS)
2019-01-15 09:21:30
redhat
redhat
(RHSA-2018:0816) Low: qemu-kvm security, bug fix, and enhancement update
2018-04-10 05:01:42
(RHSA-2017:3368) Moderate: qemu-kvm security update
2017-11-30 20:14:11
(RHSA-2018:1104) Important: qemu-kvm-rhev security, bug fix, and enhancement update
2018-04-10 18:43:01
cbl_mariner
cbl_mariner
CVE-2017-14167 affecting package qemu-kvm 4.2.0-13
2020-11-05 04:21:31
f5
f5
K23893104 : QEMU vulnerability CVE-2017-13672
2020-12-17 00:00:00
virtuozzo
virtuozzo
Product update: Virtuozzo 7.0 Update 5 Hotfix 3 (7.0.5-646)
2017-09-28 00:00:00
amazon
amazon
Important: qemu-kvm
2018-06-08 18:29:00
Important: qemu-kvm
2018-06-07 23:41:00
Medium: qemu-kvm
2017-12-20 18:55:00
debian
debian
[SECURITY] [DLA 1128-1] qemu-kvm security update
2017-10-08 16:45:42
[SECURITY] [DLA 1129-1] qemu security update
2017-10-08 20:20:29
[SECURITY] [DLA 1927-1] qemu security update
2019-09-20 09:19:02
ubuntu
ubuntu
QEMU regression
2018-03-05 00:00:00
QEMU vulnerabilities
2018-02-20 00:00:00
QEMU regression
2017-09-20 00:00:00
gentoo
gentoo
QEMU: Multiple vulnerabilities
2018-04-08 00:00:00

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.015 Low

EPSS

Percentile

86.8%

JSON
Related for DEBIAN:DSA-3991-1:00D79
openvas43osv9nessus67suse12fedora4cve5prion5redhatcve4ubuntucve5debiancve5centos3oraclelinux7veracode3redhat12cbl_mariner1f51virtuozzo1amazon3debian4ubuntu4gentoo1