33 matches found
EUVD-2017-18308
Malware in sbrugna...
EUVD-2016-2663
Malware in sbrugna...
EUVD-2016-3281
Malware in sbrugna...
RHEL 7 : qemu-kvm-rhev (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - Qemu: ps2: information leakage via postload routine CVE-2017-16845 - QEMU aka Quick Emulator built with a...
SUSE CVE-2013-4526
Buffer overflow in hw/ide/ahci.c in QEMU before 1.7.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via vectors related to migrating ports...
UBUNTU-CVE-2019-12067
The ahcicommitbuf function in ide/ahci.c in QEMU allows attackers to cause a denial of service NULL dereference when the command header 'ad-curcmd' is null...
CVE-2019-12067
A NULL pointer dereference flaw was found in the QEMU emulator's IDE AHCI emulator. Exploitation of the flaw could occur while committing DMA buffer in ahcicommitbuf if the command header 'ad-curcmd' was null. A privileged guest user could use this flaw to crash the QEMU process instance resultin...
Denial Of Service (DoS)
QEMU is vulnerable to denial of serviceDoS attacks. An attacker could exploit a flaw in the IDE AHCI Emulation which leads application to crash by repeatedly hot-unplugging the AHCI device...
Denial Of Service (DoS)
qemu-kvm-rhev is vulnerable to denial of service DoS attacks. The vulnerability exists as a use-after-free vulnerability in hw/ide/ahci.c in QEMU, when built with IDE AHCI Emulation support, allows guest OS users to cause a denial of service instance crash or possibly execute arbitrary code via a...
USN-3414-1 qemu vulnerabilities
Leo Gaspard discovered that QEMU incorrectly handled VirtFS access control. A guest attacker could use this issue to elevate privileges inside the guest. CVE-2017-7493 Li Qiang discovered that QEMU incorrectly handled VMWare PVSCSI emulation. A privileged attacker inside the guest could use this...
Qemu: ide: ahci host memory leakage during hotunplug
Memory leak in QEMU aka Quick Emulator, when built with IDE AHCI Emulation support, allows local guest OS privileged users to cause a denial of service memory consumption by repeatedly hot-unplugging the AHCI device...
Debian DSA-3920-1 : qemu - security update
Multiple vulnerabilities were found in qemu, a fast processor emulator : - CVE-2017-9310 Denial of service via infinite loop in e1000e NIC emulation. - CVE-2017-9330 Denial of service via infinite loop in USB OHCI emulation. - CVE-2017-9373 Denial of service via memory leak in IDE AHCI emulation....
Security update for qemu (important)
This update for qemu fixes several issues. These security issues were fixed: - CVE-2017-9330: USB OHCI Emulation in qemu allowed local guest OS users to cause a denial of service infinite loop by leveraging an incorrect return value bsc1042159. - CVE-2017-8379: Memory leak in the keyboard input...
QEMU Denial of Service Vulnerability (CNVD-2017-15532)
QEMU is an open source emulator software. QEMU supports IDE AHCI emulation has a security vulnerability that allows local attackers to exploit the vulnerability by submitting a specially crafted request that triggers memory corruption and crashes the application...
CVE-2017-9373
Memory leak in QEMU aka Quick Emulator, when built with IDE AHCI Emulation support, allows local guest OS privileged users to cause a denial of service memory consumption by repeatedly hot-unplugging the AHCI device...
CVE-2017-9373
CVE-2017-9373 is a memory-leak vulnerability in QEMU when built with IDE AHCI Emulation. A local privileged user can trigger a denial of service by repeatedly hot-unplugging the AHCI device, causing memory consumption on the host. Affected software/conditions are as described in the CVE entry; ex...
CVE-2017-9373
Memory leak in QEMU aka Quick Emulator, when built with IDE AHCI Emulation support, allows local guest OS privileged users to cause a denial of service memory consumption by repeatedly hot-unplugging the AHCI device...
UBUNTU-CVE-2017-9373
Memory leak in QEMU aka Quick Emulator, when built with IDE AHCI Emulation support, allows local guest OS privileged users to cause a denial of service memory consumption by repeatedly hot-unplugging the AHCI device...
MGASA-2016-0176 Updated qemu packages fix security vulnerabilities
Updated qemu packages fix security vulnerabilities: An out-of-bounds flaw was found in the QEMU emulator built using 'addressspacetranslate' to map an address to a MemoryRegionSection. The flaw could occur while doing pcidmaread/write calls, resulting in an out-of-bounds read-write access error. ...
CVE-2016-1568
Use-after-free vulnerability in hw/ide/ahci.c in QEMU, when built with IDE AHCI Emulation support, allows guest OS users to cause a denial of service instance crash or possibly execute arbitrary code via an invalid AHCI Native Command Queuing NCQ AIO command...