CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-6505 – Ubuntu Security Notice USN-3261-1
https://notcve.org/view.php?id=CVE-2017-6505
15 Mar 2017 — The ohci_service_ed_list function in hw/usb/hcd-ohci.c in QEMU (aka Quick Emulator) before 2.9.0 allows local guest OS users to cause a denial of service (infinite loop) via vectors involving the number of link endpoint list descriptors, a different vulnerability than CVE-2017-9330. La función ohci_service_ed_list en hw/usb/hcd-ohci.c en QEMU (también conocido como Quick Emulator) en versiones anteriores a la 2.9.0 permite que los usuarios locales del sistema operativo invitado provoquen una denegación de s... • http://git.qemu-project.org/?p=qemu.git%3Ba=commitdiff%3Bh=95ed56939eb2eaa4e2f349fe6dcd13ca4edfd8fb • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-10029 – Ubuntu Security Notice USN-3261-1
https://notcve.org/view.php?id=CVE-2016-10029
27 Feb 2017 — The virtio_gpu_set_scanout function in QEMU (aka Quick Emulator) built with Virtio GPU Device emulator support allows local guest OS users to cause a denial of service (out-of-bounds read and process crash) via a scanout id in a VIRTIO_GPU_CMD_SET_SCANOUT command larger than num_scanouts. La función virtio_gpu_set_scanout en QEMU (también conocido como Quick Emulator) construido con el apoyo del emulador Virtio GPU Device permite a los usuarios locales de SO invitados provocar una denegación de servicio (le... • http://git.qemu-project.org/?p=qemu.git%3Ba=commit%3Bh=2fe760554eb3769d70f608a158474f • CWE-125: Out-of-bounds Read •
CVSS: 9.9EPSS: 0%CPEs: 32EXPL: 0CVE-2017-2620 – Qemu: display: cirrus: potential arbitrary code execution via cirrus_bitblt_cputovideo
https://notcve.org/view.php?id=CVE-2017-2620
27 Feb 2017 — Quick emulator (QEMU) before 2.8 built with the Cirrus CLGD 54xx VGA Emulator support is vulnerable to an out-of-bounds access issue. The issue could occur while copying VGA data in cirrus_bitblt_cputovideo. A privileged user inside guest could use this flaw to crash the QEMU process OR potentially execute arbitrary code on host with privileges of the QEMU process. Quick emulator (QEMU) en versiones anteriores a la 2.8 construido con el soporte del emulador Cirrus CLGD 54xx VGA Emulator es vulnerable a un p... • http://rhn.redhat.com/errata/RHSA-2017-0328.html • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2017-5856 – Gentoo Linux Security Advisory 201702-28
https://notcve.org/view.php?id=CVE-2017-5856
21 Feb 2017 — Memory leak in the megasas_handle_dcmd function in hw/scsi/megasas.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption) via MegaRAID Firmware Interface (MFI) commands with the sglist size set to a value over 2 Gb. Pérdida de memoria en la función megasas_handle_dcmd en hw/scsi/megasas.c en QEMU (también conocido como Quick Emulator) permite a usuarios locales privilegiados del SO invitado provocar una denegación de servicio (consumo de ... • http://git.qemu-project.org/?p=qemu.git%3Ba=commit%3Bh=765a707000e838c30b18d712fe6cb3dd8e0435f3 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2017-5898 – Qemu: usb: integer overflow in emulated_apdu_from_guest
https://notcve.org/view.php?id=CVE-2017-5898
21 Feb 2017 — Integer overflow in the emulated_apdu_from_guest function in usb/dev-smartcard-reader.c in Quick Emulator (Qemu), when built with the CCID Card device emulator support, allows local users to cause a denial of service (application crash) via a large Application Protocol Data Units (APDU) unit. Desbordamiento de entero en la función emulated_apdu_from_guest en usb/dev-smartcard-reader.c en Quick Emulator (Qemu), cuando se construye con el soporte de emulador de dispositivo de CCID Card, permite a usuarios loc... • http://git.qemu-project.org/?p=qemu.git%3Ba=commit%3Bh=c7dfbf322595ded4e70b626bf83158a9f3807c6a • CWE-190: Integer Overflow or Wraparound •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-5552 – Gentoo Linux Security Advisory 201702-28
https://notcve.org/view.php?id=CVE-2017-5552
21 Feb 2017 — Memory leak in the virgl_resource_attach_backing function in hw/display/virtio-gpu-3d.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (host memory consumption) via a large number of VIRTIO_GPU_CMD_RESOURCE_ATTACH_BACKING commands. Pérdida de memoria en la función virgl_resource_attach_backing en hw/display/virtio-gpu-3d.c en QEMU (también conocido como Quick Emulator) permite a usuarios locales de SO invitado provocar una denegación de servicio (consumo de memoria del... • http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=33243031dad02d161225ba99d782616da133f689 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 6.0EPSS: 0%CPEs: 2EXPL: 0CVE-2016-10155 – Qemu: watchdog: memory leakage in virtual hardware watchdog wdt_i6300esb
https://notcve.org/view.php?id=CVE-2016-10155
21 Feb 2017 — Memory leak in hw/watchdog/wdt_i6300esb.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption and QEMU process crash) via a large number of device unplug operations. Pérdida de memoria en hw/watchdog/wdt_i6300esb.c en QEMU (también conocido como Quick Emulator) permite a usuarios locales privilegiados locales del SO invitado provocar una denegación de servicio (consumo de memoria del host y caída del proceso QEMU) a través de un gran núme... • http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=eb7a20a3616085d46aa6b4b4224e15587ec67e6e • CWE-401: Missing Release of Memory after Effective Lifetime CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 9.1EPSS: 0%CPEs: 29EXPL: 0CVE-2017-2615 – Qemu: display: cirrus: oob access while doing bitblt copy backward mode
https://notcve.org/view.php?id=CVE-2017-2615
21 Feb 2017 — Quick emulator (QEMU) built with the Cirrus CLGD 54xx VGA emulator support is vulnerable to an out-of-bounds access issue. It could occur while copying VGA data via bitblt copy in backward mode. A privileged user inside a guest could use this flaw to crash the QEMU process resulting in DoS or potentially execute arbitrary code on the host with privileges of QEMU process on the host. Quick emulator (QEMU) con soporte integrado para el emulador Cirrus CLGD 54xx VGA es vulnerable a un problema de acceso fuera ... • http://rhn.redhat.com/errata/RHSA-2017-0309.html • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2017-5525 – Gentoo Linux Security Advisory 201702-28
https://notcve.org/view.php?id=CVE-2017-5525
21 Feb 2017 — Memory leak in hw/audio/ac97.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption and QEMU process crash) via a large number of device unplug operations. Pérdida de memoria en hw/audio/ac97.c en QEMU (también conocido como Quick Emulator) permite a usuarios locales privilegiados del SO invitado provocar una denegación de servicio (consumo de memoria del host y caída del proceso QEMU) a través de un gran número de operaciones de desenchuf... • http://git.qemu-project.org/?p=qemu.git%3Ba=commit%3Bh=12351a91da97b414eec8cdb09f1d9f41e535a401 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2017-5667 – Gentoo Linux Security Advisory 201702-28
https://notcve.org/view.php?id=CVE-2017-5667
21 Feb 2017 — The sdhci_sdma_transfer_multi_blocks function in hw/sd/sdhci.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (out-of-bounds heap access and crash) or execute arbitrary code on the QEMU host via vectors involving the data transfer length. La función sdhci_sdma_transfer_multi_blocks en hw/sd/sdhci.c en QEMU (también conocido como Quick Emulator) permite a usuarios locales privilegiados del SO invitado provocar una denegación de servicio (acceso de memoria din... • http://git.qemu-project.org/?p=qemu.git%3Ba=commitdiff%3Bh=42922105beb14c2fc58185ea022b9f72fb5465e9 • CWE-125: Out-of-bounds Read •