Linux Distros Unpatched Vulnerability : CVE-2016-4037

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The ehciadvancestate function in hw/usb/hcd-ehci.c in QEMU allows local guest OS administrators to cause a denial of service infinite loop and CPU consumption v...

SUSE: Security Advisory (SUSE-SU-2016:2100-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2016:1703-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLES11 Security Update : kvm (SUSE-SU-2016:1785-1)

kvm was updated to fix 33 security issues. These security issues were fixed : - CVE-2016-4439: Avoid OOB access in 53C9X emulation bsc980711 - CVE-2016-4441: Avoid OOB access in 53C9X emulation bsc980723 - CVE-2016-3710: Fixed VGA emulation based OOB access with potential for guest escape bsc9781...

SUSE SLES11 Security Update : kvm (SUSE-SU-2016:1698-1)

kvm was updated to fix 33 security issues. These security issues were fixed : - CVE-2016-4439: Avoid OOB access in 53C9X emulation bsc980711 - CVE-2016-4441: Avoid OOB access in 53C9X emulation bsc980723 - CVE-2016-3710: Fixed VGA emulation based OOB access with potential for guest escape bsc9781...

Fedora 23 : 2:qemu (2016-f2b1f07256)

CVE-2016-3710: incorrect bounds checking in vga bz 1334345 - CVE-2016-3712: out of bounds read in vga bz 1334342 - Fix USB redirection bz 1330221 - CVE-2016-4037: infinite loop in usb ehci bz 1328080 - CVE-2016-4001: buffer overflow in stellaris net bz 1325885 - CVE-2016-2858: rng stack...

Fedora 22 : 2:qemu (2016-a3298e39f7)

CVE-2016-3710: incorrect bounds checking in vga bz 1334345 - CVE-2016-3712: out of bounds read in vga bz 1334342 - Fix USB redirection bz 1330221 - CVE-2016-4037: infinite loop in usb ehci bz 1328080 - CVE-2016-4001: buffer overflow in stellaris net bz 1325885 - CVE-2016-2858: rng stack...

openSUSE Security Update : qemu (openSUSE-2016-839)

qemu was updated to fix 29 security issues. These security issues were fixed : - CVE-2016-4439: Avoid OOB access in 53C9X emulation bsc980711 - CVE-2016-4441: Avoid OOB access in 53C9X emulation bsc980723 - CVE-2016-4952: Avoid OOB access in Vmware PV SCSI emulation bsc981266 - CVE-2015-8817: Avo...

openSUSE: Security Advisory for qemu (openSUSE-SU-2016:1750-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2016-4037

The ehciadvancestate function in hw/usb/hcd-ehci.c in QEMU allows local guest OS administrators to cause a denial of service infinite loop and CPU consumption via a circular split isochronous transfer descriptor siTD list, a related issue to CVE-2015-8558...

CVE-2016-4037

The ehciadvancestate function in hw/usb/hcd-ehci.c in QEMU allows local guest OS administrators to cause a denial of service infinite loop and CPU consumption via a circular split isochronous transfer descriptor siTD list, a related issue to CVE-2015-8558...

CVE-2016-4037

CVE-2016-4037 affects QEMU, specifically the USB EHCI emulation (ehci_advance_state in hw/usb/hcd-ehci.c). It enables a local privileged guest OS user to cause a denial of service via a circular split isochronous transfer descriptor list (siTD), an issue related to CVE-2015-8558. The description ...

CVE-2016-4037

The ehciadvancestate function in hw/usb/hcd-ehci.c in QEMU allows local guest OS administrators to cause a denial of service infinite loop and CPU consumption via a circular split isochronous transfer descriptor siTD list, a related issue to CVE-2015-8558...

Ubuntu 14.04 LTS / 16.04 LTS : QEMU vulnerabilities (USN-2974-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2974-1 advisory. Zuozhi Fzz discovered that QEMU incorrectly handled USB OHCI emulation support. A privileged attacker inside the guest could use this issue t...

USN-2974-1: QEMU vulnerabilities

Zuozhi Fzz discovered that QEMU incorrectly handled USB OHCI emulation support. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. CVE-2016-2391 Qinghao Tang discovered that QEMU incorrectly handled USB Net emulation support. A...

Fedora Update for xen FEDORA-2016-48

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora Update for xen FEDORA-2016-75063477

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 23 : xen-4.5.3-2.fc23 (2016-35d7b09908)

x86 shadow pagetables: address width overflow XSA-173, CVE-2016-3960 Qemu: net: buffer overflow in stellarisenet emulator CVE-2016-4001 Qemu: net: buffer overflow in MIPSnet emulator CVE-2016-4002 qemu: Infinite loop vulnerability in usbehci using siTD process CVE-2016-4037 Note that Tenable...

CVE-2016-4037

The ehciadvancestate function in hw/usb/hcd-ehci.c in QEMU allows local guest OS administrators to cause a denial of service infinite loop and CPU consumption via a circular split isochronous transfer descriptor siTD list, a related issue to CVE-2015-8558...