20 matches found
Linux Distros Unpatched Vulnerability : CVE-2017-9330
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - QEMU aka Quick Emulator before 2.9.0, when built with the USB OHCI Emulation support, allows local guest OS users to cause a denial of service infinite loop by...
SUSE: Security Advisory (SUSE-SU-2017:1742-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2017:1774-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2017:2946-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2017:1812-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2017:1795-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for qemu-kvm (EulerOS-SA-2018-1247)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLES12 Security Update : qemu (SUSE-SU-2017:2969-1)
This update for qemu fixes several issues. These security issues were fixed : - CVE-2017-15289: The mode4and5 write functions allowed local OS guest privileged users to cause a denial of service out-of-bounds write access and Qemu process crash via vectors related to dst calculation bsc1063122 -...
Ubuntu 14.04 LTS / 16.04 LTS : QEMU vulnerabilities (USN-3414-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3414-1 advisory. Leo Gaspard discovered that QEMU incorrectly handled VirtFS access control. A guest attacker could use this issue to elevate privileges insid...
Fedora Update for xen FEDORA-2017-b7f1197c23
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 25 : 2:qemu (2017-f941184db1)
CVE-2017-7718: cirrus: OOB read access issue bz 1443443 - CVE-2016-9603: cirrus: heap buffer overflow via vnc connection bz 1432040 - CVE-2017-7377: 9pfs: fix file descriptor leak bz 1437872 - CVE-2017-7980: cirrus: OOB r/w access issues in bitblt bz 1444372 - CVE-2017-8112: vmwpvscsi: infinite...
[SECURITY] [DSA 3920-1] qemu security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3920-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff July 25, 2017 https://www.debian.org/security/faq -...
openSUSE: Security Advisory for qemu (openSUSE-SU-2017:1872-1)
The remote host is missing an update for the Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Security update for qemu (important)
This update for qemu fixes several issues. These security issues were fixed: - CVE-2017-9330: USB OHCI Emulation in qemu allowed local guest OS users to cause a denial of service infinite loop by leveraging an incorrect return value bsc1042159. - CVE-2017-8379: Memory leak in the keyboard input...
openSUSE: Security Advisory for xen (openSUSE-SU-2017:1826-1)
The remote host is missing an update for the Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
openSUSE Security Update : xen (openSUSE-2017-799)
This update for xen fixes several issues. These security issues were fixed : - CVE-2017-10912: Page transfer might have allowed PV guest to elevate privilege XSA-217, bsc1042882 - CVE-2017-10913 CVE-2017-10914: Races in the grant table unmap code allowed for informations leaks and potentially...
SUSE SLED12 / SLES12 Security Update : qemu (SUSE-SU-2017:1774-1)
This update for qemu fixes several issues. These security issues were fixed : - CVE-2017-9330: USB OHCI Emulation in qemu allowed local guest OS users to cause a denial of service infinite loop by leveraging an incorrect return value bsc1042159. - CVE-2017-8379: Memory leak in the keyboard input...
SUSE SLED12 / SLES12 Security Update : xen (SUSE-SU-2017:1742-1)
This update for xen fixes several issues. These security issues were fixed : - Page transfer might have allowed PV guest to elevate privilege XSA-217, bsc1042882 - Races in the grant table unmap code allowed for informations leaks and potentially privilege escalation XSA-218, bsc1042893 -...
CVE-2017-9330
CVE-2017-9330 : QEMU (Quick Emulator) prior to 2.9.0, when built with USB OHCI Emulation support, allows a local guest OS user to trigger a denial of service (infinite loop) via an incorrect return value. This is a distinct issue from CVE-2017-6505. Connected sources list QEMU as the affected com...
Design/Logic Flaw
The ohciserviceedlist function in hw/usb/hcd-ohci.c in QEMU aka Quick Emulator before 2.9.0 allows local guest OS users to cause a denial of service infinite loop via vectors involving the number of link endpoint list descriptors, a different vulnerability than CVE-2017-9330...