7 matches found
Linux Distros Unpatched Vulnerability : CVE-2017-9310
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - QEMU aka Quick Emulator, when built with the e1000e NIC emulation support, allows local guest OS privileged users to cause a denial of service infinite loop via...
Huawei EulerOS: Security Advisory for qemu-kvm (EulerOS-SA-2020-1573)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 14.04 LTS / 16.04 LTS : QEMU vulnerabilities (USN-3414-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3414-1 advisory. Leo Gaspard discovered that QEMU incorrectly handled VirtFS access control. A guest attacker could use this issue to elevate privileges insid...
Moderate: Red Hat Security Advisory: qemu-kvm-rhev security and bug fix update
An update for qemu-kvm-rhev is now available for Red Hat Enterprise Linux OpenStack Platform 6.0 Juno for RHEL 7, Red Hat Enterprise Linux OpenStack Platform 7.0 Kilo for RHEL 7, Red Hat OpenStack Platform 8.0 Liberty, Red Hat OpenStack Platform 9.0 Mitaka, Red Hat OpenStack Platform 10.0 Newton,...
Fedora 25 : 2:qemu (2017-f941184db1)
CVE-2017-7718: cirrus: OOB read access issue bz 1443443 - CVE-2016-9603: cirrus: heap buffer overflow via vnc connection bz 1432040 - CVE-2017-7377: 9pfs: fix file descriptor leak bz 1437872 - CVE-2017-7980: cirrus: OOB r/w access issues in bitblt bz 1444372 - CVE-2017-8112: vmwpvscsi: infinite...
[SECURITY] [DSA 3920-1] qemu security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3920-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff July 25, 2017 https://www.debian.org/security/faq -...
CVE-2017-9310
CVE-2017-9310 affects QEMU when built with e1000e NIC emulation. The vulnerability arises from handling of the TDH/RDH pointers outside the allocated descriptor buffer, allowing a local privileged guest user to trigger a denial of service (infinite loop) in the QEMU process. Public references in ...