SUSE CVE-2016-5106

The megasasdcmdsetproperties function in hw/scsi/megasas.c in QEMU, when built with MegaRAID SAS 8708EM2 Host Bus Adapter emulation support, allows local guest administrators to cause a denial of service out-of-bounds write access via vectors involving a MegaRAID Firmware Interface MFI command...

SUSE: Security Advisory (SUSE-SU-2021:1244-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Denial Of Service (DoS)

QEMU aka Quick Emulator is vulnerable to denial of service DoS. When built with MegaRAID SAS 8708EM2 Host Bus Adapter emulation support, it allows local guest OS privileged users to cause a denial of service NULL pointer dereference and QEMU process crash via vectors involving megasas command...

SUSE SLED15 / SLES15 Security Update : qemu (SUSE-SU-2020:2015-1)

This update for qemu to version 4.2.1 fixes the following issues : CVE-2020-10761: Fixed a denial of service in Network Block Device nbd support infrastructure bsc1172710. CVE-2020-13800: Fixed a denial of service possibility in ati-vga emulation bsc1172495. CVE-2020-13659: Fixed a NULL pointer...

CVE-2020-13659

A NULL pointer dereference flaw was found in the MegaRAID SAS 8708EM2 emulator of the QEMU. This issue occurs because the addressspacemap API while mapping physical memory into the host's virtual address space, may return NULL without setting the length parameter to zero 0. This flaw allows a gue...

Security Bulletin: Multiple vulnerabilities in qemu affect PowerKVM

Summary PowerKVM is affected by several vulnerabilities in qemu. These vulnerabilities have been addressed by IBM. Vulnerability Details CVEID: CVE-2016-5338 DESCRIPTION: Qemu, built with the ESP/NCR53C9x controller emulation support, is vulnerable to a denial of service, caused by an out of boun...

QEMU 'megasas command handling' denial of service vulnerability

QEMU is an open source emulator software. QEMU supports MegaRAID SAS 8708EM2 Host Bus Adapter emulation suffers from a security vulnerability that allows local attackers to exploit the vulnerability by submitting a specially crafted request that triggers memory corruption and crashes the...

Null pointer dereference

QEMU aka Quick Emulator, when built with MegaRAID SAS 8708EM2 Host Bus Adapter emulation support, allows local guest OS privileged users to cause a denial of service NULL pointer dereference and QEMU process crash via vectors involving megasas command processing...

CVE-2017-9503

QEMU aka Quick Emulator, when built with MegaRAID SAS 8708EM2 Host Bus Adapter emulation support, allows local guest OS privileged users to cause a denial of service NULL pointer dereference and QEMU process crash via vectors involving megasas command processing...

CVE-2017-9503

Technical details about CVE-2017-9503 are not publicly provided in the connected documents. Please monitor for updates.

CVE-2017-9503

QEMU aka Quick Emulator, when built with MegaRAID SAS 8708EM2 Host Bus Adapter emulation support, allows local guest OS privileged users to cause a denial of service NULL pointer dereference and QEMU process crash via vectors involving megasas command processing...

SUSE SLED12 / SLES12 Security Update : qemu (SUSE-SU-2017:0625-1)

This update for qemu fixes several issues. These security issues were fixed : - CVE-2017-5898: The CCID Card device emulator support was vulnerable to an integer overflow flaw allowing a privileged user to crash the Qemu process on the host resulting in DoS bsc1023907. - CVE-2017-5857: The Virtio...

The vulnerability of the QEMU hardware emulation software, which allows a hacker to trigger a service failure

The vulnerability of the megasasdcmdsetproperties function in the hw/scsi/megasas.c file of the QEMU hardware emulation software is related to the creation of a host adapter for the MegaRAID SAS 8708EM2 device. Exploiting this vulnerability allows an attacker to trigger a service failure memory...

The vulnerability of the QEMU hardware emulation software, which allows a hacker to trigger a service failure

The vulnerability of the megasaslookupframe function in the QEMU hardware emulation software is related to the construction of the host adapter for the MegaRAID SAS 8708EM2 device. Exploiting this vulnerability allows a local attacker to cause service failures, such as out-of-memory reading and...

The vulnerability of the QEMU hardware emulation software, which allows a hacker to read memory on the host machine

The vulnerability of the megasasdcmdcfgread function in the hw/scsi/megasas.c file of the hardware emulation software QEMU is related to the creation of a host adapter for the MegaRAID SAS 8708EM2 device. Exploiting this vulnerability allows an attacker to read memory from the host device by usin...

DEBIAN-CVE-2016-5106

The megasasdcmdsetproperties function in hw/scsi/megasas.c in QEMU, when built with MegaRAID SAS 8708EM2 Host Bus Adapter emulation support, allows local guest administrators to cause a denial of service out-of-bounds write access via vectors involving a MegaRAID Firmware Interface MFI command...

DEBIAN-CVE-2016-5105

The megasasdcmdcfgread function in hw/scsi/megasas.c in QEMU, when built with MegaRAID SAS 8708EM2 Host Bus Adapter emulation support, uses an uninitialized variable, which allows local guest administrators to read host memory via vectors involving a MegaRAID Firmware Interface MFI command...

CVE-2016-5105

The megasasdcmdcfgread function in hw/scsi/megasas.c in QEMU, when built with MegaRAID SAS 8708EM2 Host Bus Adapter emulation support, uses an uninitialized variable, which allows local guest administrators to read host memory via vectors involving a MegaRAID Firmware Interface MFI command...

Out-of-bounds

The megasaslookupframe function in QEMU, when built with MegaRAID SAS 8708EM2 Host Bus Adapter emulation support, allows local guest OS administrators to cause a denial of service out-of-bounds read and crash via unspecified vectors...

CVE-2016-5106

The megasasdcmdsetproperties function in hw/scsi/megasas.c in QEMU, when built with MegaRAID SAS 8708EM2 Host Bus Adapter emulation support, allows local guest administrators to cause a denial of service out-of-bounds write access via vectors involving a MegaRAID Firmware Interface MFI command...