20 matches found
EUVD-2016-2663
Malware in sbrugna...
EUVD-2017-18308
Malware in sbrugna...
EUVD-2016-3281
Malware in sbrugna...
Denial Of Service (DoS)
QEMU is vulnerable to denial of serviceDoS attacks. An attacker could exploit a flaw in the IDE AHCI Emulation which leads application to crash by repeatedly hot-unplugging the AHCI device...
Denial Of Service (DoS)
qemu-kvm-rhev is vulnerable to denial of service DoS attacks. The vulnerability exists as a use-after-free vulnerability in hw/ide/ahci.c in QEMU, when built with IDE AHCI Emulation support, allows guest OS users to cause a denial of service instance crash or possibly execute arbitrary code via a...
Qemu: ide: ahci host memory leakage during hotunplug
Memory leak in QEMU aka Quick Emulator, when built with IDE AHCI Emulation support, allows local guest OS privileged users to cause a denial of service memory consumption by repeatedly hot-unplugging the AHCI device...
Security update for qemu (important)
This update for qemu fixes several issues. These security issues were fixed: - CVE-2017-9330: USB OHCI Emulation in qemu allowed local guest OS users to cause a denial of service infinite loop by leveraging an incorrect return value bsc1042159. - CVE-2017-8379: Memory leak in the keyboard input...
QEMU Denial of Service Vulnerability (CNVD-2017-15532)
QEMU is an open source emulator software. QEMU supports IDE AHCI emulation has a security vulnerability that allows local attackers to exploit the vulnerability by submitting a specially crafted request that triggers memory corruption and crashes the application...
CVE-2017-9373
CVE-2017-9373 is a memory-leak vulnerability in QEMU when built with IDE AHCI Emulation. A local privileged user can trigger a denial of service by repeatedly hot-unplugging the AHCI device, causing memory consumption on the host. Affected software/conditions are as described in the CVE entry; ex...
CVE-2017-9373
Memory leak in QEMU aka Quick Emulator, when built with IDE AHCI Emulation support, allows local guest OS privileged users to cause a denial of service memory consumption by repeatedly hot-unplugging the AHCI device...
UBUNTU-CVE-2017-9373
Memory leak in QEMU aka Quick Emulator, when built with IDE AHCI Emulation support, allows local guest OS privileged users to cause a denial of service memory consumption by repeatedly hot-unplugging the AHCI device...
MGASA-2016-0176 Updated qemu packages fix security vulnerabilities
Updated qemu packages fix security vulnerabilities: An out-of-bounds flaw was found in the QEMU emulator built using 'addressspacetranslate' to map an address to a MemoryRegionSection. The flaw could occur while doing pcidmaread/write calls, resulting in an out-of-bounds read-write access error. ...
CVE-2016-1568
CVE-2016-1568 is a use-after-free in QEMU’s AHCI emulation (hw/ide/ahci.c) when IDE AHCI Emulation is enabled. A guest user can cause a denial of service (QEMU process crash) and potentially execute arbitrary code via an invalid AHCI NCQ AIO command. The issue is triggered by use-after-free in NC...
Debian DSA-3470-1 : qemu-kvm - security update
Several vulnerabilities were discovered in qemu-kvm, a full virtualization solution on x86 hardware. - CVE-2015-7295 Jason Wang of Red Hat Inc. discovered that the Virtual Network Device support is vulnerable to denial-of-service via resource exhaustion, that could occur when receiving large...
[SECURITY] [DSA 3470-1] qemu-kvm security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3470-1 [email protected] https://www.debian.org/security/ Sebastien Delafond February 08, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3469-1] qemu security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3469-1 [email protected] https://www.debian.org/security/ Sebastien Delafond February 08, 2016 https://www.debian.org/security/faq -...
Debian Security Advisory DSA 3470-1 (qemu-kvm - security update)
Several vulnerabilities were discovered in qemu-kvm, a full virtualization solution on x86 hardware. CVE-2015-7295 Jason Wang of Red Hat Inc. discovered that the Virtual Network Device support is vulnerable to denial-of-service via resource exhaustion, that could occur when receiving large packet...
Debian Security Advisory DSA 3471-1 (qemu - security update)
Several vulnerabilities were discovered in qemu, a full virtualization solution on x86 hardware. CVE-2015-7295 Jason Wang of Red Hat Inc. discovered that the Virtual Network Device support is vulnerable to denial-of-service, that could occur when receiving large packets. CVE-2015-7504 Qinghao Tan...
Ubuntu 14.04 LTS : QEMU vulnerabilities (USN-2891-1)
The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2891-1 advisory. Qinghao Tang discovered that QEMU incorrectly handled PCI MSI-X support. An attacker inside the guest could use this issue to cause QEMU to crash,...
USN-2891-1: QEMU vulnerabilities
Qinghao Tang discovered that QEMU incorrectly handled PCI MSI-X support. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS and Ubuntu 15.10. CVE-2015-7549 Lian Yihan discovered that QEMU incorrectl...