rpm package

suse/qemu&distro=SUSE OpenStack Cloud 6

pkg:rpm/suse/qemu&distro=SUSE%20OpenStack%20Cloud%206

Vulnerabilities (34)

CVE	Sev	CVSS	Affected versions	Fixed in	Published	Description
CVE-2017-9330	Med	5.6	< 2.3.1-33.3.3	2.3.1-33.3.3	Jun 8, 2017	QEMU (aka Quick Emulator) before 2.9.0, when built with the USB OHCI Emulation support, allows local guest OS users to cause a denial of service (infinite loop) by leveraging an incorrect return value, a different vulnerability than CVE-2017-6505.
CVE-2017-8379	Med	6.5	< 2.3.1-33.3.3	2.3.1-33.3.3	May 23, 2017	Memory leak in the keyboard input event handlers support in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption) by rapidly generating large keyboard events.
CVE-2017-8309	Hig	7.5	< 2.3.1-33.3.3	2.3.1-33.3.3	May 23, 2017	Memory leak in the audio/audio.c in QEMU (aka Quick Emulator) allows remote attackers to cause a denial of service (memory consumption) by repeatedly starting and stopping audio capture.
CVE-2017-7493	Hig	7.8	< 2.3.1-33.3.3	2.3.1-33.3.3	May 17, 2017	Quick Emulator (Qemu) built with the VirtFS, host directory sharing via Plan 9 File System(9pfs) support, is vulnerable to an improper access control issue. It could occur while accessing virtfs metadata files in mapped-file security mode. A guest user could use this flaw to esca
CVE-2017-8112	Med	6.5	< 2.3.1-33.3.3	2.3.1-33.3.3	May 2, 2017	hw/scsi/vmw_pvscsi.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (infinite loop and CPU consumption) via the message ring page count.
CVE-2017-8086	Med	6.5	< 2.3.1-33.3.3	2.3.1-33.3.3	May 2, 2017	Memory leak in the v9fs_list_xattr function in hw/9pfs/9p-xattr.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (memory consumption) via vectors involving the orig_value variable.
CVE-2017-7718	Med	5.5	< 2.3.1-33.3.3	2.3.1-33.3.3	Apr 20, 2017	hw/display/cirrus_vga_rop.h in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (out-of-bounds read and QEMU process crash) via vectors related to copying VGA data via the cirrus_bitblt_rop_fwd_transp_ and cirrus_bitblt_rop_fwd_ functi
CVE-2017-7377	Med	6.0	< 2.3.1-33.3.3	2.3.1-33.3.3	Apr 10, 2017	The (1) v9fs_create and (2) v9fs_lcreate functions in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allow local guest OS privileged users to cause a denial of service (file descriptor or memory consumption) via vectors related to an already in-use fid.
CVE-2017-5973	Med	5.5	< 2.3.1-33.3.3	2.3.1-33.3.3	Mar 27, 2017	The xhci_kick_epctx function in hw/usb/hcd-xhci.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (infinite loop and QEMU process crash) via vectors related to control transfer descriptor sequence.
CVE-2017-5987	Med	5.5	< 2.3.1-33.3.3	2.3.1-33.3.3	Mar 20, 2017	The sdhci_sdma_transfer_multi_blocks function in hw/sd/sdhci.c in QEMU (aka Quick Emulator) allows local OS guest privileged users to cause a denial of service (infinite loop and QEMU process crash) via vectors involving the transfer mode register during multi block transfer.
CVE-2017-5579	Med	6.5	< 2.3.1-33.3.3	2.3.1-33.3.3	Mar 15, 2017	Memory leak in the serial_exit_core function in hw/char/serial.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption and QEMU process crash) via a large number of device unplug operations.
CVE-2017-6505	Med	6.5	< 2.3.1-33.3.3	2.3.1-33.3.3	Mar 15, 2017	The ohci_service_ed_list function in hw/usb/hcd-ohci.c in QEMU (aka Quick Emulator) before 2.9.0 allows local guest OS users to cause a denial of service (infinite loop) via vectors involving the number of link endpoint list descriptors, a different vulnerability than CVE-2017-93
CVE-2016-6835	Med	6.0	< 2.3.1-33.3.3	2.3.1-33.3.3	Dec 10, 2016	The vmxnet_tx_pkt_parse_headers function in hw/net/vmxnet_tx_pkt.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (buffer over-read) by leveraging failure to check IP header length.
CVE-2016-6834	Med	4.4	< 2.3.1-33.3.3	2.3.1-33.3.3	Dec 10, 2016	The net_tx_pkt_do_sw_fragmentation function in hw/net/net_tx_pkt.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) via a zero length for the current fragment length.

CVE-2017-9330MedJun 8, 2017
affected < 2.3.1-33.3.3fixed 2.3.1-33.3.3
QEMU (aka Quick Emulator) before 2.9.0, when built with the USB OHCI Emulation support, allows local guest OS users to cause a denial of service (infinite loop) by leveraging an incorrect return value, a different vulnerability than CVE-2017-6505.
CVE-2017-8379MedMay 23, 2017
affected < 2.3.1-33.3.3fixed 2.3.1-33.3.3
Memory leak in the keyboard input event handlers support in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption) by rapidly generating large keyboard events.
CVE-2017-8309HigMay 23, 2017
affected < 2.3.1-33.3.3fixed 2.3.1-33.3.3
Memory leak in the audio/audio.c in QEMU (aka Quick Emulator) allows remote attackers to cause a denial of service (memory consumption) by repeatedly starting and stopping audio capture.
CVE-2017-7493HigMay 17, 2017
affected < 2.3.1-33.3.3fixed 2.3.1-33.3.3
Quick Emulator (Qemu) built with the VirtFS, host directory sharing via Plan 9 File System(9pfs) support, is vulnerable to an improper access control issue. It could occur while accessing virtfs metadata files in mapped-file security mode. A guest user could use this flaw to esca
CVE-2017-8112MedMay 2, 2017
affected < 2.3.1-33.3.3fixed 2.3.1-33.3.3
hw/scsi/vmw_pvscsi.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (infinite loop and CPU consumption) via the message ring page count.
CVE-2017-8086MedMay 2, 2017
affected < 2.3.1-33.3.3fixed 2.3.1-33.3.3
Memory leak in the v9fs_list_xattr function in hw/9pfs/9p-xattr.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (memory consumption) via vectors involving the orig_value variable.
CVE-2017-7718MedApr 20, 2017
affected < 2.3.1-33.3.3fixed 2.3.1-33.3.3
hw/display/cirrus_vga_rop.h in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (out-of-bounds read and QEMU process crash) via vectors related to copying VGA data via the cirrus_bitblt_rop_fwd_transp_ and cirrus_bitblt_rop_fwd_ functi
CVE-2017-7377MedApr 10, 2017
affected < 2.3.1-33.3.3fixed 2.3.1-33.3.3
The (1) v9fs_create and (2) v9fs_lcreate functions in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allow local guest OS privileged users to cause a denial of service (file descriptor or memory consumption) via vectors related to an already in-use fid.
CVE-2017-5973MedMar 27, 2017
affected < 2.3.1-33.3.3fixed 2.3.1-33.3.3
The xhci_kick_epctx function in hw/usb/hcd-xhci.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (infinite loop and QEMU process crash) via vectors related to control transfer descriptor sequence.
CVE-2017-5987MedMar 20, 2017
affected < 2.3.1-33.3.3fixed 2.3.1-33.3.3
The sdhci_sdma_transfer_multi_blocks function in hw/sd/sdhci.c in QEMU (aka Quick Emulator) allows local OS guest privileged users to cause a denial of service (infinite loop and QEMU process crash) via vectors involving the transfer mode register during multi block transfer.
CVE-2017-5579MedMar 15, 2017
affected < 2.3.1-33.3.3fixed 2.3.1-33.3.3
Memory leak in the serial_exit_core function in hw/char/serial.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption and QEMU process crash) via a large number of device unplug operations.
CVE-2017-6505MedMar 15, 2017
affected < 2.3.1-33.3.3fixed 2.3.1-33.3.3
The ohci_service_ed_list function in hw/usb/hcd-ohci.c in QEMU (aka Quick Emulator) before 2.9.0 allows local guest OS users to cause a denial of service (infinite loop) via vectors involving the number of link endpoint list descriptors, a different vulnerability than CVE-2017-93
CVE-2016-6835MedDec 10, 2016
affected < 2.3.1-33.3.3fixed 2.3.1-33.3.3
The vmxnet_tx_pkt_parse_headers function in hw/net/vmxnet_tx_pkt.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (buffer over-read) by leveraging failure to check IP header length.
CVE-2016-6834MedDec 10, 2016
affected < 2.3.1-33.3.3fixed 2.3.1-33.3.3
The net_tx_pkt_do_sw_fragmentation function in hw/net/net_tx_pkt.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) via a zero length for the current fragment length.

Page 2 of 2