SUSE CVE-2011-4111

Buffer overflow in the ccidcardvscardhandlemessage function in hw/ccid-card-passthru.c in QEMU before 0.15.2 and 1.x before 1.0-rc4 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted VSCATR message...

Huawei EulerOS: Security Advisory for qemu-kvm (EulerOS-SA-2017-1224)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP2 : qemu-kvm (EulerOS-SA-2017-1224)

According to the versions of the qemu-kvm packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An out-of-bounds memory access issue was found in Quick Emulator QEMU in the VNC display driver. This flaw could occur while refreshing the VN...

Qemu: usb: integer overflow in emulated_apdu_from_guest

An integer overflow flaw was found in Quick Emulator QEMU in the CCID Card device support. The flaw could occur while passing messages via command/response packets to and from the host. A privileged user inside a guest could use this flaw to crash the QEMU process...

Moderate: Red Hat Security Advisory: qemu-kvm security, bug fix, and enhancement update

An update for qemu-kvm is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

openSUSE Security Update : qemu (openSUSE-2017-589)

This update for qemu fixes several issues. These security issues were fixed : - CVE-2017-2620: In CIRRUSBLTMODEMEMSYSSRC mode the bitblit copy routine cirrusbitbltcputovideo failed to check the memory region, allowing for an out-of-bounds write that allows for privilege escalation bsc1024972 -...

SUSE SLED12 / SLES12 Security Update : qemu (SUSE-SU-2017:1241-1)

This update for qemu fixes several issues. These security issues were fixed : - CVE-2017-2620: In CIRRUSBLTMODEMEMSYSSRC mode the bitblit copy routine cirrusbitbltcputovideo failed to check the memory region, allowing for an out-of-bounds write that allows for privilege escalation bsc1024972 -...

Integer overflow

Integer overflow in the emulatedapdufromguest function in usb/dev-smartcard-reader.c in Quick Emulator Qemu, when built with the CCID Card device emulator support, allows local users to cause a denial of service application crash via a large Application Protocol Data Units APDU unit...

CVE-2017-5898

CVE-2017-5898 affects Quick Emulator (QEMU) when built with CCID Card device emulator support. The vulnerability is an integer overflow in the emulated_apdu_from_guest function (usb/dev-smartcard-reader.c) that allows a local user to crash the QEMU host process by sending a large APDU unit, causi...

CVE-2017-5898

Integer overflow in the emulatedapdufromguest function in usb/dev-smartcard-reader.c in Quick Emulator Qemu, when built with the CCID Card device emulator support, allows local users to cause a denial of service application crash via a large Application Protocol Data Units APDU unit...

SUSE SLES12 Security Update : qemu (SUSE-SU-2017:0661-1)

This update for qemu fixes several issues. These security issues were fixed : - CVE-2017-2620: In CIRRUSBLTMODEMEMSYSSRC mode the bitblit copy routine cirrusbitbltcputovideo failed to check the memory region, allowing for an out-of-bounds write that allows for privilege escalation bsc1024972 -...

SUSE SLED12 / SLES12 Security Update : qemu (SUSE-SU-2017:0625-1)

This update for qemu fixes several issues. These security issues were fixed : - CVE-2017-5898: The CCID Card device emulator support was vulnerable to an integer overflow flaw allowing a privileged user to crash the Qemu process on the host resulting in DoS bsc1023907. - CVE-2017-5857: The Virtio...

Debian DLA-842-1 : qemu-kvm security update

Several vulnerabilities were discovered in qemu-kvm, a full virtualization solution for Linux hosts on x86 hardware with x86 guests. CVE-2017-2615 The Cirrus CLGD 54xx VGA Emulator in qemu-kvm is vulnerable to an out-of-bounds access issue. It could occur while copying VGA data via bitblt copy in...

openSUSE Security Update : kvm (openSUSE-2011-56)

Malicous clients could potentially exploit a heap based buffer overflow in the CCID card passthru device. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2011-56. The text description...