rpm package

suse/qemu&distro=SUSE Linux Enterprise Server for SAP Applications 12 SP1

pkg:rpm/suse/qemu&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1

Vulnerabilities (147)

CVE	Sev	CVSS	Affected versions	Fixed in	Published	Description
CVE-2015-8567	Hig	7.7	< 2.3.1-14.1	2.3.1-14.1	Apr 13, 2017	Memory leak in net/vmxnet3.c in QEMU allows remote attackers to cause a denial of service (memory consumption).
CVE-2015-8345	Med	6.5	< 2.3.1-7.7	2.3.1-7.7	Apr 13, 2017	The eepro100 emulator in QEMU qemu-kvm blank allows local guest users to cause a denial of service (application crash and infinite loop) via vectors involving the command block list.
CVE-2015-8613	Med	6.5	< 2.3.1-14.1	2.3.1-14.1	Apr 11, 2017	Stack-based buffer overflow in the megasas_ctrl_get_info function in QEMU, when built with SCSI MegaRAID SAS HBA emulation support, allows local guest users to cause a denial of service (QEMU instance crash) via a crafted SCSI controller CTRL_GET_INFO command.
CVE-2015-8568	Med	6.5	< 2.3.1-14.1	2.3.1-14.1	Apr 11, 2017	Memory leak in QEMU, when built with a VMWARE VMXNET3 paravirtual NIC emulator support, allows local guest users to cause a denial of service (host memory consumption) by trying to activate the vmxnet3 device repeatedly.
CVE-2015-8504	Med	6.5	< 2.3.1-14.1	2.3.1-14.1	Apr 11, 2017	Qemu, when built with VNC display driver support, allows remote attackers to cause a denial of service (arithmetic exception and application crash) via crafted SetPixelFormat messages from a client.
CVE-2017-7377	Med	6.0	< 2.3.1-33.3.3	2.3.1-33.3.3	Apr 10, 2017	The (1) v9fs_create and (2) v9fs_lcreate functions in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allow local guest OS privileged users to cause a denial of service (file descriptor or memory consumption) via vectors related to an already in-use fid.
CVE-2017-5973	Med	5.5	< 2.3.1-33.3.3	2.3.1-33.3.3	Mar 27, 2017	The xhci_kick_epctx function in hw/usb/hcd-xhci.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (infinite loop and QEMU process crash) via vectors related to control transfer descriptor sequence.
CVE-2016-9922	Med	5.5	< 2.3.1-32.11	2.3.1-32.11	Mar 27, 2017	The cirrus_do_copy function in hw/display/cirrus_vga.c in QEMU (aka Quick Emulator), when cirrus graphics mode is VGA, allows local guest OS privileged users to cause a denial of service (divide-by-zero error and QEMU process crash) via vectors involving blit pitch values.
CVE-2017-5987	Med	5.5	< 2.3.1-33.3.3	2.3.1-33.3.3	Mar 20, 2017	The sdhci_sdma_transfer_multi_blocks function in hw/sd/sdhci.c in QEMU (aka Quick Emulator) allows local OS guest privileged users to cause a denial of service (infinite loop and QEMU process crash) via vectors involving the transfer mode register during multi block transfer.
CVE-2017-5856	Med	6.5	< 2.3.1-32.11	2.3.1-32.11	Mar 16, 2017	Memory leak in the megasas_handle_dcmd function in hw/scsi/megasas.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption) via MegaRAID Firmware Interface (MFI) commands with the sglist size set to a value over
CVE-2017-5667	Med	6.5	< 2.3.1-32.11	2.3.1-32.11	Mar 16, 2017	The sdhci_sdma_transfer_multi_blocks function in hw/sd/sdhci.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (out-of-bounds heap access and crash) or execute arbitrary code on the QEMU host via vectors involving the data transfer
CVE-2017-5898	Med	5.5	< 2.3.1-32.11	2.3.1-32.11	Mar 15, 2017	Integer overflow in the emulated_apdu_from_guest function in usb/dev-smartcard-reader.c in Quick Emulator (Qemu), when built with the CCID Card device emulator support, allows local users to cause a denial of service (application crash) via a large Application Protocol Data Units
CVE-2017-5579	Med	6.5	< 2.3.1-33.3.3	2.3.1-33.3.3	Mar 15, 2017	Memory leak in the serial_exit_core function in hw/char/serial.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption and QEMU process crash) via a large number of device unplug operations.
CVE-2017-5526	Med	6.5	< 2.3.1-32.11	2.3.1-32.11	Mar 15, 2017	Memory leak in hw/audio/es1370.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption and QEMU process crash) via a large number of device unplug operations.
CVE-2017-5525	Med	6.5	< 2.3.1-32.11	2.3.1-32.11	Mar 15, 2017	Memory leak in hw/audio/ac97.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption and QEMU process crash) via a large number of device unplug operations.
CVE-2016-10155	Med	6.0	< 2.3.1-32.11	2.3.1-32.11	Mar 15, 2017	Memory leak in hw/watchdog/wdt_i6300esb.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption and QEMU process crash) via a large number of device unplug operations.
CVE-2017-6505	Med	6.5	< 2.3.1-33.3.3	2.3.1-33.3.3	Mar 15, 2017	The ohci_service_ed_list function in hw/usb/hcd-ohci.c in QEMU (aka Quick Emulator) before 2.9.0 allows local guest OS users to cause a denial of service (infinite loop) via vectors involving the number of link endpoint list descriptors, a different vulnerability than CVE-2017-93
CVE-2016-9776	Med	5.5	< 2.3.1-32.11	2.3.1-32.11	Dec 29, 2016	QEMU (aka Quick Emulator) built with the ColdFire Fast Ethernet Controller emulator support is vulnerable to an infinite loop issue. It could occur while receiving packets in 'mcf_fec_receive'. A privileged user/process inside guest could use this issue to crash the QEMU process
CVE-2016-2198	Med	5.5	< 2.3.1-14.1	2.3.1-14.1	Dec 29, 2016	QEMU (aka Quick Emulator) built with the USB EHCI emulation support is vulnerable to a null pointer dereference flaw. It could occur when an application attempts to write to EHCI capabilities registers. A privileged user inside quest could use this flaw to crash the QEMU process
CVE-2016-2197	Med	5.5	< 2.3.1-14.1	2.3.1-14.1	Dec 29, 2016	QEMU (aka Quick Emulator) built with an IDE AHCI emulation support is vulnerable to a null pointer dereference flaw. It occurs while unmapping the Frame Information Structure (FIS) and Command List Block (CLB) entries. A privileged user inside guest could use this flaw to crash t

CVE-2015-8567HigApr 13, 2017
affected < 2.3.1-14.1fixed 2.3.1-14.1
Memory leak in net/vmxnet3.c in QEMU allows remote attackers to cause a denial of service (memory consumption).
CVE-2015-8345MedApr 13, 2017
affected < 2.3.1-7.7fixed 2.3.1-7.7
The eepro100 emulator in QEMU qemu-kvm blank allows local guest users to cause a denial of service (application crash and infinite loop) via vectors involving the command block list.
CVE-2015-8613MedApr 11, 2017
affected < 2.3.1-14.1fixed 2.3.1-14.1
Stack-based buffer overflow in the megasas_ctrl_get_info function in QEMU, when built with SCSI MegaRAID SAS HBA emulation support, allows local guest users to cause a denial of service (QEMU instance crash) via a crafted SCSI controller CTRL_GET_INFO command.
CVE-2015-8568MedApr 11, 2017
affected < 2.3.1-14.1fixed 2.3.1-14.1
Memory leak in QEMU, when built with a VMWARE VMXNET3 paravirtual NIC emulator support, allows local guest users to cause a denial of service (host memory consumption) by trying to activate the vmxnet3 device repeatedly.
CVE-2015-8504MedApr 11, 2017
affected < 2.3.1-14.1fixed 2.3.1-14.1
Qemu, when built with VNC display driver support, allows remote attackers to cause a denial of service (arithmetic exception and application crash) via crafted SetPixelFormat messages from a client.
CVE-2017-7377MedApr 10, 2017
affected < 2.3.1-33.3.3fixed 2.3.1-33.3.3
The (1) v9fs_create and (2) v9fs_lcreate functions in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allow local guest OS privileged users to cause a denial of service (file descriptor or memory consumption) via vectors related to an already in-use fid.
CVE-2017-5973MedMar 27, 2017
affected < 2.3.1-33.3.3fixed 2.3.1-33.3.3
The xhci_kick_epctx function in hw/usb/hcd-xhci.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (infinite loop and QEMU process crash) via vectors related to control transfer descriptor sequence.
CVE-2016-9922MedMar 27, 2017
affected < 2.3.1-32.11fixed 2.3.1-32.11
The cirrus_do_copy function in hw/display/cirrus_vga.c in QEMU (aka Quick Emulator), when cirrus graphics mode is VGA, allows local guest OS privileged users to cause a denial of service (divide-by-zero error and QEMU process crash) via vectors involving blit pitch values.
CVE-2017-5987MedMar 20, 2017
affected < 2.3.1-33.3.3fixed 2.3.1-33.3.3
The sdhci_sdma_transfer_multi_blocks function in hw/sd/sdhci.c in QEMU (aka Quick Emulator) allows local OS guest privileged users to cause a denial of service (infinite loop and QEMU process crash) via vectors involving the transfer mode register during multi block transfer.
CVE-2017-5856MedMar 16, 2017
affected < 2.3.1-32.11fixed 2.3.1-32.11
Memory leak in the megasas_handle_dcmd function in hw/scsi/megasas.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption) via MegaRAID Firmware Interface (MFI) commands with the sglist size set to a value over
CVE-2017-5667MedMar 16, 2017
affected < 2.3.1-32.11fixed 2.3.1-32.11
The sdhci_sdma_transfer_multi_blocks function in hw/sd/sdhci.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (out-of-bounds heap access and crash) or execute arbitrary code on the QEMU host via vectors involving the data transfer
CVE-2017-5898MedMar 15, 2017
affected < 2.3.1-32.11fixed 2.3.1-32.11
Integer overflow in the emulated_apdu_from_guest function in usb/dev-smartcard-reader.c in Quick Emulator (Qemu), when built with the CCID Card device emulator support, allows local users to cause a denial of service (application crash) via a large Application Protocol Data Units
CVE-2017-5579MedMar 15, 2017
affected < 2.3.1-33.3.3fixed 2.3.1-33.3.3
Memory leak in the serial_exit_core function in hw/char/serial.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption and QEMU process crash) via a large number of device unplug operations.
CVE-2017-5526MedMar 15, 2017
affected < 2.3.1-32.11fixed 2.3.1-32.11
Memory leak in hw/audio/es1370.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption and QEMU process crash) via a large number of device unplug operations.
CVE-2017-5525MedMar 15, 2017
affected < 2.3.1-32.11fixed 2.3.1-32.11
Memory leak in hw/audio/ac97.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption and QEMU process crash) via a large number of device unplug operations.
CVE-2016-10155MedMar 15, 2017
affected < 2.3.1-32.11fixed 2.3.1-32.11
Memory leak in hw/watchdog/wdt_i6300esb.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption and QEMU process crash) via a large number of device unplug operations.
CVE-2017-6505MedMar 15, 2017
affected < 2.3.1-33.3.3fixed 2.3.1-33.3.3
The ohci_service_ed_list function in hw/usb/hcd-ohci.c in QEMU (aka Quick Emulator) before 2.9.0 allows local guest OS users to cause a denial of service (infinite loop) via vectors involving the number of link endpoint list descriptors, a different vulnerability than CVE-2017-93
CVE-2016-9776MedDec 29, 2016
affected < 2.3.1-32.11fixed 2.3.1-32.11
QEMU (aka Quick Emulator) built with the ColdFire Fast Ethernet Controller emulator support is vulnerable to an infinite loop issue. It could occur while receiving packets in 'mcf_fec_receive'. A privileged user/process inside guest could use this issue to crash the QEMU process
CVE-2016-2198MedDec 29, 2016
affected < 2.3.1-14.1fixed 2.3.1-14.1
QEMU (aka Quick Emulator) built with the USB EHCI emulation support is vulnerable to a null pointer dereference flaw. It could occur when an application attempts to write to EHCI capabilities registers. A privileged user inside quest could use this flaw to crash the QEMU process
CVE-2016-2197MedDec 29, 2016
affected < 2.3.1-14.1fixed 2.3.1-14.1
QEMU (aka Quick Emulator) built with an IDE AHCI emulation support is vulnerable to a null pointer dereference flaw. It occurs while unmapping the Frame Information Structure (FIS) and Command List Block (CLB) entries. A privileged user inside guest could use this flaw to crash t

Page 4 of 8