CVE-2017-7481

CVE-2017-7481 affects Ansible before versions 2.3.1.0 and 2.4.0.0, where lookup-plugin results could be marked unsafe, allowing code execution via jinja2 if an attacker controls lookup() results. The description and connected advisories confirm the vulnerability originates from unsafe lookup resu...

CVE-2017-10664

CVE-2017-10664 affects qemu-nbd in QEMU. The issue arises because SIGPIPE is not ignored, allowing remote attackers to trigger a denial of service (daemon crash) by disconnecting during a server-to-client reply. The vulnerability is referenced across multiple advisories and Nessus plugins (e.g., ...

CVE-2018-1000115

CVE-2018-1000115 – Memcached UDP amplification vulnerability. Memcached 1.5.5 contains an Insufficient Control of Network Message Volume (CWE-406) in UDP support, enabling a remote attacker to perform a denial-of-service via UDP traffic to port 11211 (amplification ~1:50,000). The issue is mitiga...

CVE-2016-9587

CVE-2016-9587 affects Ansible up to versions 2.1.4 and 2.2.1. The issue is improper input validation in handling data from client systems, allowing an attacker who controls a managed client and can send facts back to the server to execute arbitrary code on the Ansible server with server privilege...

CVE-2017-7466

CVE-2017-7466 is a vulnerability in Ansible prior to version 2.3, where input validation of data returned by client systems could be exploited by a compromised client to execute arbitrary code on the Ansible server with the server’s privileges. Public sources in the provided documents reference R...

CVE-2016-8576

CVE-2016-8576 affects QEMU’s USB xHCI emulation. The vulnerability is in xhci_ring_fetch (hw/usb/hcd-xhci.c), where failure to limit the number of TRBs can be exploited by a local privileged guest to cause an infinite loop and a DoS of the QEMU process. The initial documents do not specify exploi...

CVE-2017-5973

Technical details about CVE-2017-5973 are not publicly provided in the connected documents. Available records reference QEMU's xhci_kick_epctx vulnerability but do not expose deeper data (affected versions, exploit info, or fixes). Monitor for updates.

CVE-2016-8909

CVE-2016-8909 is an issue in QEMU’s Intel High Definition Audio emulation. The vulnerability exists in the intel_hda_xfer function (hw/audio/intel-hda.c) where an entry with the same value for buffer length and pointer position can be supplied by a local attacker (local guest OS administrator), l...

CVE-2016-8910

CVE-2016-8910 affects QEMU: the rtl8139_cplus_transmit function in hw/net/rtl8139.c can allow a local privileged user to cause a denial of service (infinite loop/CPU usage) by failing to limit the ring descriptor count. No public details on patch/version are provided in the connected documents.

CVE-2018-1059

The CVE concerns the DPDK vhost-user interface, where Guest Physical Addresses to Host Virtual Addresses translations do not verify that the requested guest physical range is fully mapped and contiguous. This can expose vhost-user backend memory to a malicious guest. The vulnerability affects all...

CVE-2016-9911

CVE-2016-9911 (QEMU) : A memory leak vulnerability in QEMU built with USB EHCI emulation. The leak occurs while processing packet data in ehci_init_transfer, allowing a guest user/process to leak host memory and potentially cause a DoS on the host. The available connected documents confirm the pr...

CVE-2017-8309

CVE-2017-8309 refers to a memory leak in QEMU’s audio subsystem (audio.c) that can be exploited remotely to cause a denial of service by repeatedly starting and stopping audio capture. The initial description explicitly states the issue and impact. Connected sources list the CVE in vendor advisor...

CVE-2016-9921

According to connected sources, CVE-2016-9921 affects QEMU with Cirrus CLGD 54xx VGA Emulator. The root cause is a divide-by-zero in cirrus_do_copy when Cirrus VGA graphics mode is VGA, which can be triggered during VGA data copying. Impact is guest-privileged code causing a host DoS by crashing ...

CVE-2016-9907

The CVE-2016-9907 issue affects Quick Emulator (QEMU) built with usb-guest USB redirector support. It describes a memory-leak flaw that can occur while destroying the usbredir device (usbredir_handle_destroy), allowing a guest user to leak host memory and potentially cause DoS on the host. Red Ha...

CVE-2016-8669

CVE-2016-8669 affects QEMU: the serial_update_parameters function in hw/char/serial.c can be triggered by a divider value greater than baud base to cause a divide-by-zero and QEMU process crash. It is a local privilege vulnerability (guest to host) with denial of service as the impact. The connec...

CVE-2016-4020

CVE-2016-4020 : In QEMU, the patch_instruction function in hw/i386/kvmvapic.c fails to initialize imm32, enabling a local guest OS administrator to leak host stack memory via the Task Priority Register (TPR). Several advisories (Debian DLA-574-1, CentOS/CESA-2017:1856, Gentoo GLSA-201609-01) docu...

CVE-2017-8379

CVE-2017-8379 is a memory-leak issue in QEMU keyboard input event handling that can allow a local privileged guest user to exhaust host memory and cause a denial of service. The vulnerability is listed among fixes in Red Hat RHSA-2017:2408, which notes remediation by rebasing to QEMU 2.9.0 and re...

CVE-2016-6888

CVE-2016-6888 in QEMU (net_tx_pkt_init in hw/net/net_tx_pkt.c) has an integer overflow when handling the maximum fragmentation count, triggering an unchecked multiplication and a NULL pointer dereference. This allows a local privileged user/guest to cause a denial of service (QEMU process crash)....

CVE-2016-7422

CVE-2016-7422 affects QEMU’s virtio/virtio.c: virtqueue_map_desc allows a local guest OS administrator to trigger a NULL pointer dereference by using a large I/O descriptor buffer length, leading to QEMU process crash. Remediation in connected docs shows fixes via rebases to QEMU 2.9.0 (RHSA-2017...

CVE-2016-7466

CVE-2016-7466 is a memory-leak denial-of-service issue in QEMU’s USB xHCI emulation when MSI-X is used. The usb_xhci_exit path can leak memory during repeated USB unplug actions, allowing a local privileged user (guest) to exhaust host memory or crash the QEMU process. Public details confirm the ...

CVE-2017-9214

Summary: CVE-2017-9214 affects Open vSwitch (OvS) 2.7.0 and is due to a buffer over-read caused by an unsigned integer underflow in the function ofputil_pull_queue_get_config_reply10 while parsing OFPT_QUEUE_GET_CONFIG_REPLY (OFP 1.0). Impact (as described): Buffer over-read with potential denial...

CVE-2017-7539

CVE-2017-7539 affects QEMU’s NBD server: an assertion-failure during initial connection negotiation can crash qemu-nbd, enabling a remote DoS. Affected product: QEMU/NBD server prior to 2.10.1. Root cause: I/O coroutine in the initial negotiation is undefined. Impact: Denial of service via server...

CVE-2017-7543

CVE-2017-7543 describes a race-condition in OpenStack Neutron that, after a minor overcloud update, resets to 0 both net.bridge.bridge-nf-call-ip6tables and net.bridge.bridge-nf-call-iptables, effectively disabling neutron security groups. This race can be triggered by an update, allowing an atta...

CVE-2017-2627

CVE-2017-2627 affects openstack-tripleo-common as shipped with Red Hat OpenStack Enterprise 10 and 11. The sudoers configuration for the mistral user contains wildcards enabling directory traversal, and it grants passwordless root access to the validations user. These issues create local privileg...