177 matches found
QEMU: assertion failure through usb_packet_unmap() in hw/usb/hcd-ehci.c
A reachable assertion vulnerability was found in the USB EHCI emulation code of QEMU. This issue occurs while processing USB requests due to missed handling of DMA memory map failure. This flaw allows a malicious privileged user within the guest to send bogus USB requests and crash the QEMU proce...
EulerOS 2.0 SP9 : qemu (EulerOS-SA-2021-1256)
According to the versions of the qemu package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In QEMU through 5.0.0, an integer overflow was found in the SM501 display driver implementation. This flaw occurs in the COPYAREA macro while...
EulerOS 2.0 SP9 : qemu (EulerOS-SA-2021-1275)
According to the versions of the qemu package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In QEMU through 5.0.0, an integer overflow was found in the SM501 display driver implementation. This flaw occurs in the COPYAREA macro while...
Huawei EulerOS: Security Advisory for qemu-kvm (EulerOS-SA-2021-1046)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
A reachable assertion issue was found in the USB EHCI emulation code of QEMU. It could occur while processing USB requests due to missing handling of DMA memory map failure. A malicious privileged user within the guest may abuse this flaw to send bogus USB requests and crash the QEMU process on the host resulting in a denial of service.
...
Denial Of Service (DoS)
qemu is vulnerable to denial of service DoS. The vulnerability exists through a reachable assertion issue was found in the USB EHCI emulation code of QEMU, allows an privileged user to send bogus USB requests and crash the QEMU process on the host...
CVE-2020-25723
A reachable assertion issue was found in the USB EHCI emulation code of QEMU. It could occur while processing USB requests due to missing handling of DMA memory map failure. A malicious privileged user within the guest may abuse this flaw to send bogus USB requests and crash the QEMU process on t...
CVE-2020-25723
A reachable assertion issue was found in the USB EHCI emulation code of QEMU. It could occur while processing USB requests due to missing handling of DMA memory map failure. A malicious privileged user within the guest may abuse this flaw to send bogus USB requests and crash the QEMU process on t...
CVE-2020-25723
CVE-2020-25723 affects QEMU’s USB EHCI emulation. A reachable assertion issue may occur while processing USB requests due to missing handling of DMA memory map failure. A privileged user inside the guest could send bogus USB requests and crash the QEMU process on the host, resulting in a denial o...
CVE-2020-25723
A reachable assertion issue was found in the USB EHCI emulation code of QEMU. It could occur while processing USB requests due to missing handling of DMA memory map failure. A malicious privileged user within the guest may abuse this flaw to send bogus USB requests and crash the QEMU process on t...
CVE-2020-25723
A reachable assertion issue was found in the USB EHCI emulation code of QEMU. It could occur while processing USB requests due to missing handling of DMA memory map failure. A malicious privileged user within the guest may abuse this flaw to send bogus USB requests and crash the QEMU process on t...
CVE-2020-25723
A reachable assertion vulnerability was found in the USB EHCI emulation code of QEMU. This issue occurs while processing USB requests due to missed handling of DMA memory map failure. This flaw allows a malicious privileged user within the guest to send bogus USB requests and crash the QEMU proce...
PT-2022-7369 · Qemu +11 · Qemu +11
Name of the Vulnerable Software and Affected Versions: QEMU versions prior to 7.0.0 Description: A DMA reentrancy issue was found in the USB EHCI controller emulation of QEMU. EHCI does not verify if the Buffer Pointer overlaps with its MMIO region when it transfers the USB packets. Crafted conte...
VMware ESXi Use-After-Free / Out-Of-Bounds Access Vulnerability
Several security issues have been identified in the VMware ESIx virtual machine monitor VMM. A use-after-free UAF vulnerability in PVNVRAM, a missing return value check in EHCI USB controller leading to private heap information disclosure, and several out-of-bounds reads. Overview ======= We...
VMware Workstation EHCI Time-Of-Check Time-Of-Use Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of VMware Workstation. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the EHCI...
VMware Workstation EHCI Heap-based Buffer Overflow Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of VMware Workstation. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the EHCI...
Information Disclosure Vulnerability in Multiple VMware Products (CNVD-2021-24358)
VMware ESXi is a server virtualization platform that can be installed directly on physical servers, VMware Workstation is a set of virtual machine software, and VMware Fusion is a set of virtual machine software designed to run Windows applications on Macs. VMware Fusion is a suite of virtual...
CVE-2020-3964
VMware ESXi 7.0 before ESXi7.0.0-1.20.16321839, 6.7 before ESXi670-202006401-SG and 6.5 before ESXi650-202005401-SG, Workstation 15.x before 15.5.2, and Fusion 11.x before 11.5.2 contain an information leak in the EHCI USB controller. A malicious actor with local access to a virtual machine may b...
CVE-2020-3964
VMware ESXi 7.0 before ESXi7.0.0-1.20.16321839, 6.7 before ESXi670-202006401-SG and 6.5 before ESXi650-202005401-SG, Workstation 15.x before 15.5.2, and Fusion 11.x before 11.5.2 contain an information leak in the EHCI USB controller. A malicious actor with local access to a virtual machine may b...
CVE-2020-3966
VMware ESXi 7.0 before ESXi7.0.0-1.20.16321839, 6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG, Workstation 15.x before 15.5.2, and Fusion 11.x before 11.5.2 contain a heap-overflow due to a race condition issue in the USB 2.0 controller EHCI. A malicious actor with local...