6 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H
4.9 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:N/I:N/A:C
Several vulnerabilities were discovered in qemu, a fast processor
emulator. The Common Vulnerabilities and Exposures project identifies
the following problems:
A privileged user/process inside guest could use this issue to crash
the Qemu process on the host leading to DoS.
A privileged user inside guest could use this flaw to consume excessive CPU
cycles on the host, resulting in DoS.
A privileged user inside guest could use this flaw to consume
excessive CPU cycles on the host, resulting in DoS situation.
A privileged user inside guest could use this flaw to cause a DoS on the host
and/or potentially crash the Qemu process on the host.
A privileged user inside guest could use this flaws to leak the host
memory bytes resulting in DoS for other services.
A privileged user inside guest could use this flaw to crash the Qemu
process instance resulting in DoS.
A privileged user inside guest could use this flaw to leak host memory
bytes.
For Debian 7 Wheezy, these problems have been fixed in version
1.1.2+dfsg-6+deb7u18.
We recommend that you upgrade your qemu packages.
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: <https://wiki.debian.org/LTS>
6 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H
4.9 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:N/I:N/A:C