SUSE CVE-2017-5526

Memory leak in hw/audio/es1370.c in QEMU aka Quick Emulator allows local guest OS privileged users to cause a denial of service host memory consumption and QEMU process crash via a large number of device unplug operations...

SUSE CVE-2020-13361

In QEMU 5.0.0 and earlier, es1370transferaudio in hw/audio/es1370.c does not properly validate the frame count, which allows guest OS users to trigger an out-of-bounds access during an es1370write operation...

USN-4467-2 qemu vulnerabilities

USN-4467-1 fixed several vulnerabilities in QEMU. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: It was discovered that the QEMU SD memory card implementation incorrectly handled certain memory operations. An attacker inside a guest could possibly u...

Denial Of Service (DoS)

QEMU is vulnerable to denial of service DoS. es1370transferaudio in hw/audio/es1370.c does not properly validate the frame count, which allows guest OS users to trigger an out-of-bounds access during an es1370write operation...

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : QEMU vulnerabilities (USN-4467-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4467-1 advisory. Ziming Zhang and VictorV discovered that the QEMU SLiRP networking implementation incorrectly handled replying to certain ICMP ec...

USN-4467-1 qemu vulnerabilities

Ziming Zhang and VictorV discovered that the QEMU SLiRP networking implementation incorrectly handled replying to certain ICMP echo requests. An attacker inside a guest could possibly use this issue to leak host memory to obtain sensitive information. This issue only affected Ubuntu 18.04 LTS...

In QEMU 5.0.0 and earlier es1370_transfer_audio in hw/audio/es1370.c does not properly validate the frame count which allows guest OS users to trigger an out-of-bounds access during an es1370_write() operation.

...

openSUSE Security Update : qemu (openSUSE-2020-1108)

This update for qemu to version 4.2.1 fixes the following issues : - CVE-2020-10761: Fixed a denial of service in Network Block Device nbd support infrastructure bsc1172710. - CVE-2020-13800: Fixed a denial of service possibility in ati-vga emulation bsc1172495. - CVE-2020-13659: Fixed a NULL...

SUSE SLED15 / SLES15 Security Update : qemu (SUSE-SU-2020:2015-1)

This update for qemu to version 4.2.1 fixes the following issues : CVE-2020-10761: Fixed a denial of service in Network Block Device nbd support infrastructure bsc1172710. CVE-2020-13800: Fixed a denial of service possibility in ati-vga emulation bsc1172495. CVE-2020-13659: Fixed a NULL pointer...

QEMU Buffer Overflow Vulnerability (CNVD-2020-31087)

QEMU Quick Emulator is a set of simulation processor software by French software developer Fabrice Bellard. The software is fast, cross-platform and other characteristics. A buffer overflow vulnerability exists in the es1370transferaudio file in hw/audio/es1370.c in QEMU version 4.2.0. The...

CVE-2020-13361

In QEMU 5.0.0 and earlier, es1370transferaudio in hw/audio/es1370.c does not properly validate the frame count, which allows guest OS users to trigger an out-of-bounds access during an es1370write operation...

UBUNTU-CVE-2020-13361

In QEMU 5.0.0 and earlier, es1370transferaudio in hw/audio/es1370.c does not properly validate the frame count, which allows guest OS users to trigger an out-of-bounds access during an es1370write operation...

CVE-2020-13361

An out-of bounds access flaw was found in the ES1370 audio device emulator of the QEMU. This flaw occurs in the 'audiopcmswread', while reading an audio byte stream from a channel if the channel frame count is set to a malicious value. A guest user or process may use this flaw to crash the QEMU...

Huawei EulerOS: Security Advisory for qemu-kvm (EulerOS-SA-2020-1266)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLED12 / SLES12 Security Update : xen (SUSE-SU-2017:2864-1)

This update for xen fixes several issues: These security issues were fixed : - CVE-2017-5526: The ES1370 audio device emulation support was vulnerable to a memory leakage issue allowing a privileged user inside the guest to cause a DoS and/or potentially crash the Qemu process on the host...

Memory corruption

Memory leak in hw/audio/es1370.c in QEMU aka Quick Emulator allows local guest OS privileged users to cause a denial of service host memory consumption and QEMU process crash via a large number of device unplug operations...

DEBIAN-CVE-2017-5526

Memory leak in hw/audio/es1370.c in QEMU aka Quick Emulator allows local guest OS privileged users to cause a denial of service host memory consumption and QEMU process crash via a large number of device unplug operations...

UBUNTU-CVE-2017-5526

Memory leak in hw/audio/es1370.c in QEMU aka Quick Emulator allows local guest OS privileged users to cause a denial of service host memory consumption and QEMU process crash via a large number of device unplug operations...

SUSE SLED12 / SLES12 Security Update : qemu (SUSE-SU-2017:0625-1)

This update for qemu fixes several issues. These security issues were fixed : - CVE-2017-5898: The CCID Card device emulator support was vulnerable to an integer overflow flaw allowing a privileged user to crash the Qemu process on the host resulting in DoS bsc1023907. - CVE-2017-5857: The Virtio...

Fedora 24 : xen (2017-d4ee7018c1)

memory leak when destroying guest without PT devices XSA-207 1422492 update patches for XSA-208 after upstream revision no functional change ---- Qemu: net: mcffec: infinite loop while receiving data in mcffecreceive CVE-2016-9776 Qemu: audio: memory leakage in ac97 CVE-2017-5525 1414111 Qemu:...