rpm package
opensuse/qemu&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/qemu&distro=openSUSE%20Tumbleweed
Vulnerabilities (224)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2017-10664 | Hig | 7.5 | < 6.1.0-32.1 | 6.1.0-32.1 | Aug 2, 2017 | qemu-nbd in QEMU (aka Quick Emulator) does not ignore SIGPIPE, which allows remote attackers to cause a denial of service (daemon crash) by disconnecting during a server-to-client reply attempt. | |
| CVE-2017-11434 | Med | 5.5 | < 6.1.0-32.1 | 6.1.0-32.1 | Jul 25, 2017 | The dhcp_decode function in slirp/bootp.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (out-of-bounds read and QEMU process crash) via a crafted DHCP options string. | |
| CVE-2017-9524 | Hig | 7.5 | < 6.1.0-32.1 | 6.1.0-32.1 | Jul 6, 2017 | The qemu-nbd server in QEMU (aka Quick Emulator), when built with the Network Block Device (NBD) Server support, allows remote attackers to cause a denial of service (segmentation fault and server crash) by leveraging failure to ensure that all initialization occurs before talkin | |
| CVE-2017-9503 | Med | 5.5 | < 6.1.0-32.1 | 6.1.0-32.1 | Jun 16, 2017 | QEMU (aka Quick Emulator), when built with MegaRAID SAS 8708EM2 Host Bus Adapter emulation support, allows local guest OS privileged users to cause a denial of service (NULL pointer dereference and QEMU process crash) via vectors involving megasas command processing. | |
| CVE-2017-8379 | Med | 6.5 | < 6.1.0-32.1 | 6.1.0-32.1 | May 23, 2017 | Memory leak in the keyboard input event handlers support in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption) by rapidly generating large keyboard events. | |
| CVE-2017-8309 | Hig | 7.5 | < 6.1.0-32.1 | 6.1.0-32.1 | May 23, 2017 | Memory leak in the audio/audio.c in QEMU (aka Quick Emulator) allows remote attackers to cause a denial of service (memory consumption) by repeatedly starting and stopping audio capture. | |
| CVE-2017-7493 | Hig | 7.8 | < 6.1.0-32.1 | 6.1.0-32.1 | May 17, 2017 | Quick Emulator (Qemu) built with the VirtFS, host directory sharing via Plan 9 File System(9pfs) support, is vulnerable to an improper access control issue. It could occur while accessing virtfs metadata files in mapped-file security mode. A guest user could use this flaw to esca | |
| CVE-2017-8112 | Med | 6.5 | < 6.1.0-32.1 | 6.1.0-32.1 | May 2, 2017 | hw/scsi/vmw_pvscsi.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (infinite loop and CPU consumption) via the message ring page count. | |
| CVE-2015-8619 | Hig | 7.5 | < 6.1.0-32.1 | 6.1.0-32.1 | Apr 13, 2017 | The Human Monitor Interface support in QEMU allows remote attackers to cause a denial of service (out-of-bounds write and application crash). | |
| CVE-2015-8504 | Med | 6.5 | < 6.1.0-32.1 | 6.1.0-32.1 | Apr 11, 2017 | Qemu, when built with VNC display driver support, allows remote attackers to cause a denial of service (arithmetic exception and application crash) via crafted SetPixelFormat messages from a client. | |
| CVE-2017-5973 | Med | 5.5 | < 6.1.0-32.1 | 6.1.0-32.1 | Mar 27, 2017 | The xhci_kick_epctx function in hw/usb/hcd-xhci.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (infinite loop and QEMU process crash) via vectors related to control transfer descriptor sequence. | |
| CVE-2017-6058 | Hig | 7.5 | < 6.1.0-32.1 | 6.1.0-32.1 | Mar 20, 2017 | Buffer overflow in NetRxPkt::ehdr_buf in hw/net/net_rx_pkt.c in QEMU (aka Quick Emulator), when the VLANSTRIP feature is enabled on the vmxnet3 device, allows remote attackers to cause a denial of service (out-of-bounds access and QEMU process crash) via vectors related to VLAN s | |
| CVE-2017-5857 | Med | 6.5 | < 6.1.0-32.1 | 6.1.0-32.1 | Mar 16, 2017 | Memory leak in the virgl_cmd_resource_unref function in hw/display/virtio-gpu-3d.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (host memory consumption) via a large number of VIRTIO_GPU_CMD_RESOURCE_UNREF commands sent without detaching t | |
| CVE-2017-5856 | Med | 6.5 | < 6.1.0-32.1 | 6.1.0-32.1 | Mar 16, 2017 | Memory leak in the megasas_handle_dcmd function in hw/scsi/megasas.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption) via MegaRAID Firmware Interface (MFI) commands with the sglist size set to a value over | |
| CVE-2017-5667 | Med | 6.5 | < 6.1.0-32.1 | 6.1.0-32.1 | Mar 16, 2017 | The sdhci_sdma_transfer_multi_blocks function in hw/sd/sdhci.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (out-of-bounds heap access and crash) or execute arbitrary code on the QEMU host via vectors involving the data transfer | |
| CVE-2017-5898 | Med | 5.5 | < 6.1.0-32.1 | 6.1.0-32.1 | Mar 15, 2017 | Integer overflow in the emulated_apdu_from_guest function in usb/dev-smartcard-reader.c in Quick Emulator (Qemu), when built with the CCID Card device emulator support, allows local users to cause a denial of service (application crash) via a large Application Protocol Data Units | |
| CVE-2017-5579 | Med | 6.5 | < 6.1.0-32.1 | 6.1.0-32.1 | Mar 15, 2017 | Memory leak in the serial_exit_core function in hw/char/serial.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption and QEMU process crash) via a large number of device unplug operations. | |
| CVE-2017-5578 | Med | 6.5 | < 6.1.0-32.1 | 6.1.0-32.1 | Mar 15, 2017 | Memory leak in the virtio_gpu_resource_attach_backing function in hw/display/virtio-gpu.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (host memory consumption) via a large number of VIRTIO_GPU_CMD_RESOURCE_ATTACH_BACKING commands. | |
| CVE-2017-5552 | Med | 6.5 | < 6.1.0-32.1 | 6.1.0-32.1 | Mar 15, 2017 | Memory leak in the virgl_resource_attach_backing function in hw/display/virtio-gpu-3d.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (host memory consumption) via a large number of VIRTIO_GPU_CMD_RESOURCE_ATTACH_BACKING commands. | |
| CVE-2017-5526 | Med | 6.5 | < 6.1.0-32.1 | 6.1.0-32.1 | Mar 15, 2017 | Memory leak in hw/audio/es1370.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption and QEMU process crash) via a large number of device unplug operations. |
- affected < 6.1.0-32.1fixed 6.1.0-32.1
qemu-nbd in QEMU (aka Quick Emulator) does not ignore SIGPIPE, which allows remote attackers to cause a denial of service (daemon crash) by disconnecting during a server-to-client reply attempt.
- affected < 6.1.0-32.1fixed 6.1.0-32.1
The dhcp_decode function in slirp/bootp.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (out-of-bounds read and QEMU process crash) via a crafted DHCP options string.
- affected < 6.1.0-32.1fixed 6.1.0-32.1
The qemu-nbd server in QEMU (aka Quick Emulator), when built with the Network Block Device (NBD) Server support, allows remote attackers to cause a denial of service (segmentation fault and server crash) by leveraging failure to ensure that all initialization occurs before talkin
- affected < 6.1.0-32.1fixed 6.1.0-32.1
QEMU (aka Quick Emulator), when built with MegaRAID SAS 8708EM2 Host Bus Adapter emulation support, allows local guest OS privileged users to cause a denial of service (NULL pointer dereference and QEMU process crash) via vectors involving megasas command processing.
- affected < 6.1.0-32.1fixed 6.1.0-32.1
Memory leak in the keyboard input event handlers support in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption) by rapidly generating large keyboard events.
- affected < 6.1.0-32.1fixed 6.1.0-32.1
Memory leak in the audio/audio.c in QEMU (aka Quick Emulator) allows remote attackers to cause a denial of service (memory consumption) by repeatedly starting and stopping audio capture.
- affected < 6.1.0-32.1fixed 6.1.0-32.1
Quick Emulator (Qemu) built with the VirtFS, host directory sharing via Plan 9 File System(9pfs) support, is vulnerable to an improper access control issue. It could occur while accessing virtfs metadata files in mapped-file security mode. A guest user could use this flaw to esca
- affected < 6.1.0-32.1fixed 6.1.0-32.1
hw/scsi/vmw_pvscsi.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (infinite loop and CPU consumption) via the message ring page count.
- affected < 6.1.0-32.1fixed 6.1.0-32.1
The Human Monitor Interface support in QEMU allows remote attackers to cause a denial of service (out-of-bounds write and application crash).
- affected < 6.1.0-32.1fixed 6.1.0-32.1
Qemu, when built with VNC display driver support, allows remote attackers to cause a denial of service (arithmetic exception and application crash) via crafted SetPixelFormat messages from a client.
- affected < 6.1.0-32.1fixed 6.1.0-32.1
The xhci_kick_epctx function in hw/usb/hcd-xhci.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (infinite loop and QEMU process crash) via vectors related to control transfer descriptor sequence.
- affected < 6.1.0-32.1fixed 6.1.0-32.1
Buffer overflow in NetRxPkt::ehdr_buf in hw/net/net_rx_pkt.c in QEMU (aka Quick Emulator), when the VLANSTRIP feature is enabled on the vmxnet3 device, allows remote attackers to cause a denial of service (out-of-bounds access and QEMU process crash) via vectors related to VLAN s
- affected < 6.1.0-32.1fixed 6.1.0-32.1
Memory leak in the virgl_cmd_resource_unref function in hw/display/virtio-gpu-3d.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (host memory consumption) via a large number of VIRTIO_GPU_CMD_RESOURCE_UNREF commands sent without detaching t
- affected < 6.1.0-32.1fixed 6.1.0-32.1
Memory leak in the megasas_handle_dcmd function in hw/scsi/megasas.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption) via MegaRAID Firmware Interface (MFI) commands with the sglist size set to a value over
- affected < 6.1.0-32.1fixed 6.1.0-32.1
The sdhci_sdma_transfer_multi_blocks function in hw/sd/sdhci.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (out-of-bounds heap access and crash) or execute arbitrary code on the QEMU host via vectors involving the data transfer
- affected < 6.1.0-32.1fixed 6.1.0-32.1
Integer overflow in the emulated_apdu_from_guest function in usb/dev-smartcard-reader.c in Quick Emulator (Qemu), when built with the CCID Card device emulator support, allows local users to cause a denial of service (application crash) via a large Application Protocol Data Units
- affected < 6.1.0-32.1fixed 6.1.0-32.1
Memory leak in the serial_exit_core function in hw/char/serial.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption and QEMU process crash) via a large number of device unplug operations.
- affected < 6.1.0-32.1fixed 6.1.0-32.1
Memory leak in the virtio_gpu_resource_attach_backing function in hw/display/virtio-gpu.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (host memory consumption) via a large number of VIRTIO_GPU_CMD_RESOURCE_ATTACH_BACKING commands.
- affected < 6.1.0-32.1fixed 6.1.0-32.1
Memory leak in the virgl_resource_attach_backing function in hw/display/virtio-gpu-3d.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (host memory consumption) via a large number of VIRTIO_GPU_CMD_RESOURCE_ATTACH_BACKING commands.
- affected < 6.1.0-32.1fixed 6.1.0-32.1
Memory leak in hw/audio/es1370.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption and QEMU process crash) via a large number of device unplug operations.
Page 7 of 12