EUVD-2016-3476

Malware in sbrugna...

SUSE CVE-2017-5898

Integer overflow in the emulatedapdufromguest function in usb/dev-smartcard-reader.c in Quick Emulator Qemu, when built with the CCID Card device emulator support, allows local users to cause a denial of service application crash via a large Application Protocol Data Units APDU unit...

SUSE CVE-2021-20255

A stack overflow via an infinite recursion vulnerability was found in the eepro100 i8255x device emulator of QEMU. This issue occurs while processing controller commands due to a DMA reentry issue. This flaw allows a guest user or process to consume CPU cycles or crash the QEMU process on the hos...

CVE-2021-20255

A stack overflow via an infinite recursion vulnerability was found in the eepro100 i8255x device emulator of QEMU. This issue occurs while processing controller commands due to a DMA reentry issue. This flaw allows a guest user or process to consume CPU cycles or crash the QEMU process on the hos...

CVE-2021-20255

A stack overflow via an infinite recursion vulnerability was found in the eepro100 i8255x device emulator of QEMU. This issue occurs while processing controller commands due to a DMA reentry issue. This flaw allows a guest user or process to consume CPU cycles or crash the QEMU process on the hos...

DEBIAN-CVE-2018-10981

An issue was discovered in Xen through 4.10.x allowing x86 HVM guest OS users to cause a denial of service host OS infinite loop in situations where a QEMU device model attempts to make invalid transitions between states of a request...

SUSE SLED12 / SLES12 Security Update : qemu (SUSE-SU-2017:1241-1)

This update for qemu fixes several issues. These security issues were fixed : - CVE-2017-2620: In CIRRUSBLTMODEMEMSYSSRC mode the bitblit copy routine cirrusbitbltcputovideo failed to check the memory region, allowing for an out-of-bounds write that allows for privilege escalation bsc1024972 -...

Integer overflow

Integer overflow in the emulatedapdufromguest function in usb/dev-smartcard-reader.c in Quick Emulator Qemu, when built with the CCID Card device emulator support, allows local users to cause a denial of service application crash via a large Application Protocol Data Units APDU unit...

CVE-2017-5898

CVE-2017-5898 affects Quick Emulator (QEMU) when built with CCID Card device emulator support. The vulnerability is an integer overflow in the emulated_apdu_from_guest function (usb/dev-smartcard-reader.c) that allows a local user to crash the QEMU host process by sending a large APDU unit, causi...

SUSE SLED12 / SLES12 Security Update : qemu (SUSE-SU-2017:0625-1)

This update for qemu fixes several issues. These security issues were fixed : - CVE-2017-5898: The CCID Card device emulator support was vulnerable to an integer overflow flaw allowing a privileged user to crash the Qemu process on the host resulting in DoS bsc1023907. - CVE-2017-5857: The Virtio...

CVE-2016-9908

CVE-2016-9908 affects QEMU with Virtio GPU Device emulation. The issue is an information-leak in the Virtio GPU command path (VIRTIO_GPU_CMD_GET_CAPSET) that could allow a guest user/process to leak contents of host memory. Affected component: QEMU’s Virtio GPU implementation; root cause: informa...

MITM BLE Security Assessment: gattacker

MITM BLE Security Assessment A Node.js package for BLE Bluetooth Low Energy Man-in-the-Middle & more The tool creates exact copy of attacked device in Bluetooth layer, and then tricks mobile application to interpret its broadcasts and connect to it instead the original device. At the same time, i...

CVE-2016-2538

Multiple integer overflows in the USB Net device emulator hw/usb/dev-network.c in QEMU before 2.5.1 allow local guest OS administrators to cause a denial of service QEMU process crash or obtain sensitive host memory information via a remote NDIS control message packet that is mishandled in the 1...

Debian Security Advisory DSA 3471-1 (qemu - security update)

Several vulnerabilities were discovered in qemu, a full virtualization solution on x86 hardware. CVE-2015-7295 Jason Wang of Red Hat Inc. discovered that the Virtual Network Device support is vulnerable to denial-of-service, that could occur when receiving large packets. CVE-2015-7504 Qinghao Tan...