USN-3125-1: QEMU vulnerabilities

Zhenhao Hong discovered that QEMU incorrectly handled the Virtio module. A privileged attacker inside the guest could use this issue to cause QEMU to consume resources, resulting in a denial of service. CVE-2016-5403 Li Qiang discovered that QEMU incorrectly handled VMWARE VMXNET3 network card...

CVE-2016-7423

The mptsasprocessscsiiorequest function in QEMU aka Quick Emulator, when built with LSI SAS1068 Host Bus emulation support, allows local guest OS administrators to cause a denial of service out-of-bounds write and QEMU process crash via vectors involving MPTSASRequest objects...