10 matches found
Linux Distros Unpatched Vulnerability : CVE-2017-9374
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Memory leak in QEMU aka Quick Emulator, when built with USB EHCI Emulation support, allows local guest OS privileged users to cause a denial of service memory...
SUSE: Security Advisory (SUSE-SU-2017:1795-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2017:2946-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 14.04 LTS / 16.04 LTS : QEMU vulnerabilities (USN-3414-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3414-1 advisory. Leo Gaspard discovered that QEMU incorrectly handled VirtFS access control. A guest attacker could use this issue to elevate privileges insid...
Moderate: Red Hat Security Advisory: qemu-kvm-rhev security and bug fix update
An update for qemu-kvm-rhev is now available for Red Hat Enterprise Linux OpenStack Platform 6.0 Juno for RHEL 7, Red Hat Enterprise Linux OpenStack Platform 7.0 Kilo for RHEL 7, Red Hat OpenStack Platform 8.0 Liberty, Red Hat OpenStack Platform 9.0 Mitaka, Red Hat OpenStack Platform 10.0 Newton,...
Fedora 25 : 2:qemu (2017-f941184db1)
CVE-2017-7718: cirrus: OOB read access issue bz 1443443 - CVE-2016-9603: cirrus: heap buffer overflow via vnc connection bz 1432040 - CVE-2017-7377: 9pfs: fix file descriptor leak bz 1437872 - CVE-2017-7980: cirrus: OOB r/w access issues in bitblt bz 1444372 - CVE-2017-8112: vmwpvscsi: infinite...
[SECURITY] [DSA 3920-1] qemu security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3920-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff July 25, 2017 https://www.debian.org/security/faq -...
Security update for qemu (important)
This update for qemu fixes several issues. These security issues were fixed: - CVE-2017-9330: USB OHCI Emulation in qemu allowed local guest OS users to cause a denial of service infinite loop by leveraging an incorrect return value bsc1042159. - CVE-2017-8379: Memory leak in the keyboard input...
SUSE SLED12 / SLES12 Security Update : qemu (SUSE-SU-2017:1774-1)
This update for qemu fixes several issues. These security issues were fixed : - CVE-2017-9330: USB OHCI Emulation in qemu allowed local guest OS users to cause a denial of service infinite loop by leveraging an incorrect return value bsc1042159. - CVE-2017-8379: Memory leak in the keyboard input...
CVE-2017-9374
CVE-2017-9374 describes a memory leak in QEMU when built with USB EHCI Emulation support. A local privileged guest user can repeatedly hot-unplug a USB device, causing memory consumption and a denial of service on the host QEMU process. The description confirms the vulnerable component as the USB...