UBUNTU-CVE-2016-9911

Quick Emulator Qemu built with the USB EHCI Emulation support is vulnerable to a memory leakage issue. It could occur while processing packet data in 'ehciinittransfer'. A guest user/process could use this issue to leak host memory, resulting in DoS for a host...

ALPINE-CVE-2016-7995

Memory leak in the ehciprocessitd function in hw/usb/hcd-ehci.c in QEMU aka Quick Emulator allows local guest OS administrators to cause a denial of service memory consumption via a large number of crafted buffer page select PG indexes...

QEMU 'hw/usb/hcd-xhci.c' Information Disclosure Vulnerability

QEMU is the law suite of analog processor software. An information disclosure vulnerability exists in QEMU 'hw/usb/hcd-xhci.c', which allows attackers to exploit the vulnerability to obtain sensitive information...

DEBIAN-CVE-2016-4037

The ehciadvancestate function in hw/usb/hcd-ehci.c in QEMU allows local guest OS administrators to cause a denial of service infinite loop and CPU consumption via a circular split isochronous transfer descriptor siTD list, a related issue to CVE-2015-8558...

QEMU Denial of Service Vulnerability (CNVD-2016-02377)

QEMU is a simulation processor software developed by French programmer Fabrice Bellard. The software is fast and cross-platform. A denial of service vulnerability exists in QEMU. When the program uses USB EHCI emulation support, an attacker can exploit this vulnerability to cause a denial of...

QEMU 'hw/usb/hcd-ohci.c' Denial of Service Vulnerability

QEMU is a suite of analog processor software. A security vulnerability in QEMU 'hw/usb/hcd-ohci.c' allows attackers to exploit the vulnerability to crash the QEMU process and cause a denial of service...

UBUNTU-CVE-2016-2391

The ohcibusstart function in the USB OHCI emulation support hw/usb/hcd-ohci.c in QEMU allows local guest OS administrators to cause a denial of service NULL pointer dereference and QEMU process crash via vectors related to multiple eoftimers...

FreeBSD : qemu -- denial of service vulnerability in USB EHCI emulation support (60cb2055-b1b8-11e5-9728-002590263bf5)

Prasad J Pandit, Red Hat Product Security Team, reports : Qemu emulator built with the USB EHCI emulation support is vulnerable to an infinite loop issue. It occurs during communication between host controller interfaceEHCI and a respective device driver. These two communicate via a isochronous...

qemu -- denial of service vulnerability in USB EHCI emulation support

Prasad J Pandit, Red Hat Product Security Team, reports: Qemu emulator built with the USB EHCI emulation support is vulnerable to an infinite loop issue. It occurs during communication between host controller interfaceEHCI and a respective device driver. These two communicate via a isochronous...

Ubuntu: Security Advisory (USN-2667-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 14.04 LTS : Linux kernel (Utopic HWE) vulnerabilities (USN-2664-1)

The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-2664-1 advisory. A race condition was discovered in the Linux kernel's filehandle size verification. A local user could exploit this flaw to read potentially sensative...

USN-2666-1: Linux kernel vulnerabilities

A race condition was discovered in the Linux kernel's filehandle size verification. A local user could exploit this flaw to read potentially sensative memory locations. CVE-2015-1420 A underflow error was discovered in the Linux kernel's Ozmo Devices USB over WiFi host controller driver. A remote...

Apple MAC OS X Bluetooth HCI Interface Memory Corruption Vulnerability

Apple Mac OS X is a commercial operating system. A memory corruption vulnerability exists in Apple Mac OS X's handling of the Bluetooth HCI interface, which could allow an attacker to run a malicious application to execute arbitrary code...

(Mobile Pwn2Own) Google Android Bluetooth Forced Pairing Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Google Android. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Bluetooth application stack allowing for arbitrary Host Controller Interface comman...

UBUNTU-CVE-2014-3185

Multiple buffer overflows in the commandportreadcallback function in drivers/usb/serial/whiteheat.c in the Whiteheat USB Serial Driver in the Linux kernel before 3.16.2 allow physically proximate attackers to execute arbitrary code or cause a denial of service memory corruption and system crash v...

CVE-2013-5166

CVE-2013-5166 affects Apple Mac OS X before 10.9. The Bluetooth USB host controller prematurely deletes interfaces, enabling local users to cause a denial of service (system crash) via a crafted application. The Red Hat and NVD entries corroborate the same description. No details on patches or fi...

DEBIAN-CVE-2013-5717

The Bluetooth HCI ACL dissector in Wireshark 1.10.x before 1.10.2 does not properly maintain a certain free list, which allows remote attackers to cause a denial of service application crash via a crafted packet that is not properly handled by the wmemblockalloc function in...

PT-2013-4888 · Foreman · Foreman

Name of the Vulnerable Software and Affected Versions: Foreman versions prior to 1.2.2 Description: The issue allows remote attackers to cause a denial of service, specifically memory consumption, via unspecified input that is converted to a symbol. This is related to the power and ipmi boot...

Kernel: Bluetooth: HCI & L2CAP information leaks

The Bluetooth protocol stack in the Linux kernel before 3.6 does not properly initialize certain structures, which allows local users to obtain sensitive information from kernel stack memory via a crafted application that targets the 1 L2CAP or 2 HCI implementation...

Kernel: Bluetooth: HCI & L2CAP information leaks

The Bluetooth protocol stack in the Linux kernel before 3.6 does not properly initialize certain structures, which allows local users to obtain sensitive information from kernel stack memory via a crafted application that targets the 1 L2CAP or 2 HCI implementation...