Ubuntu 14.04 LTS / 16.04 LTS : QEMU vulnerabilities (USN-3575-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3575-1 advisory. It was discovered that QEMU incorrectly handled guest ram. A privileged attacker inside the guest could use this issue to cause QEMU to crash...

USN-3575-1 qemu vulnerabilities

It was discovered that QEMU incorrectly handled guest ram. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. CVE-2017-11334 David Buchanan discovered that QEMU...

Qemu: exec: oob access during dma operation

Quick Emulator QEMU, compiled with qemumapramptr to access guests' RAM block area, is vulnerable to an OOB r/w access issue. The crash can occur if a privileged user inside a guest conducts certain DMA operations, resulting in a DoS...

Out-of-bounds

The addressspacewritecontinue function in exec.c in QEMU aka Quick Emulator allows local guest OS privileged users to cause a denial of service out-of-bounds access and guest instance crash by leveraging use of qemumapramptr to access guest ram block area...

CVE-2017-11334

The addressspacewritecontinue function in exec.c in QEMU aka Quick Emulator allows local guest OS privileged users to cause a denial of service out-of-bounds access and guest instance crash by leveraging use of qemumapramptr to access guest ram block area...