VYPR

rpm package

suse/qemu&distro=SUSE Linux Enterprise Server for Raspberry Pi 12 SP2

pkg:rpm/suse/qemu&distro=SUSE%20Linux%20Enterprise%20Server%20for%20Raspberry%20Pi%2012%20SP2

Vulnerabilities (89)

  • CVE-2017-5973MedMar 27, 2017
    affected < 2.6.2-41.16.1fixed 2.6.2-41.16.1

    The xhci_kick_epctx function in hw/usb/hcd-xhci.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (infinite loop and QEMU process crash) via vectors related to control transfer descriptor sequence.

  • CVE-2016-9922MedMar 27, 2017
    affected < 2.6.2-39.1fixed 2.6.2-39.1

    The cirrus_do_copy function in hw/display/cirrus_vga.c in QEMU (aka Quick Emulator), when cirrus graphics mode is VGA, allows local guest OS privileged users to cause a denial of service (divide-by-zero error and QEMU process crash) via vectors involving blit pitch values.

  • CVE-2017-5987MedMar 20, 2017
    affected < 2.6.2-41.16.1fixed 2.6.2-41.16.1

    The sdhci_sdma_transfer_multi_blocks function in hw/sd/sdhci.c in QEMU (aka Quick Emulator) allows local OS guest privileged users to cause a denial of service (infinite loop and QEMU process crash) via vectors involving the transfer mode register during multi block transfer.

  • CVE-2017-5857MedMar 16, 2017
    affected < 2.6.2-41.9.1fixed 2.6.2-41.9.1

    Memory leak in the virgl_cmd_resource_unref function in hw/display/virtio-gpu-3d.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (host memory consumption) via a large number of VIRTIO_GPU_CMD_RESOURCE_UNREF commands sent without detaching t

  • CVE-2017-5856MedMar 16, 2017
    affected < 2.6.2-41.9.1fixed 2.6.2-41.9.1

    Memory leak in the megasas_handle_dcmd function in hw/scsi/megasas.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption) via MegaRAID Firmware Interface (MFI) commands with the sglist size set to a value over

  • CVE-2017-5667MedMar 16, 2017
    affected < 2.6.2-41.9.1fixed 2.6.2-41.9.1

    The sdhci_sdma_transfer_multi_blocks function in hw/sd/sdhci.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (out-of-bounds heap access and crash) or execute arbitrary code on the QEMU host via vectors involving the data transfer

  • CVE-2017-5898MedMar 15, 2017
    affected < 2.6.2-41.9.1fixed 2.6.2-41.9.1

    Integer overflow in the emulated_apdu_from_guest function in usb/dev-smartcard-reader.c in Quick Emulator (Qemu), when built with the CCID Card device emulator support, allows local users to cause a denial of service (application crash) via a large Application Protocol Data Units

  • CVE-2017-5579MedMar 15, 2017
    affected < 2.6.2-41.16.1fixed 2.6.2-41.16.1

    Memory leak in the serial_exit_core function in hw/char/serial.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption and QEMU process crash) via a large number of device unplug operations.

  • CVE-2017-5578MedMar 15, 2017
    affected < 2.6.2-41.9.1fixed 2.6.2-41.9.1

    Memory leak in the virtio_gpu_resource_attach_backing function in hw/display/virtio-gpu.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (host memory consumption) via a large number of VIRTIO_GPU_CMD_RESOURCE_ATTACH_BACKING commands.

  • CVE-2017-5552MedMar 15, 2017
    affected < 2.6.2-41.9.1fixed 2.6.2-41.9.1

    Memory leak in the virgl_resource_attach_backing function in hw/display/virtio-gpu-3d.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (host memory consumption) via a large number of VIRTIO_GPU_CMD_RESOURCE_ATTACH_BACKING commands.

  • CVE-2017-5526MedMar 15, 2017
    affected < 2.6.2-41.9.1fixed 2.6.2-41.9.1

    Memory leak in hw/audio/es1370.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption and QEMU process crash) via a large number of device unplug operations.

  • CVE-2017-5525MedMar 15, 2017
    affected < 2.6.2-41.9.1fixed 2.6.2-41.9.1

    Memory leak in hw/audio/ac97.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption and QEMU process crash) via a large number of device unplug operations.

  • CVE-2016-10155MedMar 15, 2017
    affected < 2.6.2-41.9.1fixed 2.6.2-41.9.1

    Memory leak in hw/watchdog/wdt_i6300esb.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption and QEMU process crash) via a large number of device unplug operations.

  • CVE-2017-6505MedMar 15, 2017
    affected < 2.6.2-41.16.1fixed 2.6.2-41.16.1

    The ohci_service_ed_list function in hw/usb/hcd-ohci.c in QEMU (aka Quick Emulator) before 2.9.0 allows local guest OS users to cause a denial of service (infinite loop) via vectors involving the number of link endpoint list descriptors, a different vulnerability than CVE-2017-93

  • CVE-2016-10029MedFeb 27, 2017
    affected < 2.6.2-41.9.1fixed 2.6.2-41.9.1

    The virtio_gpu_set_scanout function in QEMU (aka Quick Emulator) built with Virtio GPU Device emulator support allows local guest OS users to cause a denial of service (out-of-bounds read and process crash) via a scanout id in a VIRTIO_GPU_CMD_SET_SCANOUT command larger than num_

  • CVE-2016-10028MedFeb 27, 2017
    affected < 2.6.2-41.9.1fixed 2.6.2-41.9.1

    The virgl_cmd_get_capset function in hw/display/virtio-gpu-3d.c in QEMU (aka Quick Emulator) built with Virtio GPU Device emulator support allows local guest OS users to cause a denial of service (out-of-bounds read and process crash) via a VIRTIO_GPU_CMD_GET_CAPSET command with

  • CVE-2016-9381HigJan 23, 2017
    affected < 2.6.2-39.1fixed 2.6.2-39.1

    Race condition in QEMU in Xen allows local x86 HVM guest OS administrators to gain privileges by changing certain data on shared rings, aka a "double fetch" vulnerability.

  • CVE-2016-9913MedDec 29, 2016
    affected < 2.6.2-39.1fixed 2.6.2-39.1

    Memory leak in the v9fs_device_unrealize_common function in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local privileged guest OS users to cause a denial of service (host memory consumption and possibly QEMU process crash) via vectors involving the order of resource cleanup.

  • CVE-2016-9846MedDec 29, 2016
    affected < 2.6.2-39.1fixed 2.6.2-39.1

    QEMU (aka Quick Emulator) built with the Virtio GPU Device emulator support is vulnerable to a memory leakage issue. It could occur while updating the cursor data in update_cursor_data_virgl. A guest user/process could use this flaw to leak host memory bytes, resulting in DoS for

  • CVE-2016-9845MedDec 29, 2016
    affected < 2.6.2-39.1fixed 2.6.2-39.1

    QEMU (aka Quick Emulator) built with the Virtio GPU Device emulator support is vulnerable to an information leakage issue. It could occur while processing 'VIRTIO_GPU_CMD_GET_CAPSET_INFO' command. A guest user/process could use this flaw to leak contents of the host memory bytes.