Ubuntu 14.04 LTS / 16.04 LTS : QEMU vulnerabilities (USN-3414-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3414-1 advisory. Leo Gaspard discovered that QEMU incorrectly handled VirtFS access control. A guest attacker could use this issue to elevate privileges insid...

Fedora 25 : 2:qemu (2017-f941184db1)

CVE-2017-7718: cirrus: OOB read access issue bz 1443443 - CVE-2016-9603: cirrus: heap buffer overflow via vnc connection bz 1432040 - CVE-2017-7377: 9pfs: fix file descriptor leak bz 1437872 - CVE-2017-7980: cirrus: OOB r/w access issues in bitblt bz 1444372 - CVE-2017-8112: vmwpvscsi: infinite...

CVE-2017-9060

Memory leak in the virtiogpusetscanout function in hw/display/virtio-gpu.c in QEMU aka Quick Emulator allows local guest OS users to cause a denial of service memory consumption via a large number of "VIRTIOGPUCMDSETSCANOUT:" commands...

CVE-2017-9060

CVE-2017-9060 affects QEMU's Virtio GPU device. The issue is a memory leak in virtio_gpu_set_scanout in hw/display/virtio-gpu.c triggered by a high volume of VIRTIO_GPU_CMD_SET_SCANOUT commands, leading to guest memory exhaustion and denial of service. Connected documents explicitly reference the...