Page 22 of 324 results (0.006 seconds)

CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0

The address_space_write_continue function in exec.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (out-of-bounds access and guest instance crash) by leveraging use of qemu_map_ram_ptr to access guest ram block area. La función address_space_write_continue en exec.c en QEMU (también conocido como Quick Emulator) permite a los usuarios invitado locales con privilegios del sistema operativo provocar una denegación de servicio (acceso fuera de los límites y detención de las instancias de la cuenta de invitado) usando qemu_map_ram_ptr para acceder al área del bloque de memoria ram del invitado. Quick Emulator (QEMU), compiled with qemu_map_ram_ptr to access guests' RAM block area, is vulnerable to an OOB r/w access issue. The crash can occur if a privileged user inside a guest conducts certain DMA operations, resulting in a DoS. • http://www.debian.org/security/2017/dsa-3925 http://www.openwall.com/lists/oss-security/2017/07/17/4 http://www.securityfocus.com/bid/99895 https://access.redhat.com/errata/RHSA-2017:3369 https://access.redhat.com/errata/RHSA-2017:3466 https://access.redhat.com/errata/RHSA-2017:3470 https://access.redhat.com/errata/RHSA-2017:3471 https://access.redhat.com/errata/RHSA-2017:3472 https://access.redhat.com/errata/RHSA-2017:3473 https://access.redhat.com/errata/RH • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •

CVSS: 7.5EPSS: 4%CPEs: 25EXPL: 0

qemu-nbd in QEMU (aka Quick Emulator) does not ignore SIGPIPE, which allows remote attackers to cause a denial of service (daemon crash) by disconnecting during a server-to-client reply attempt. qemu-nbd en QEMU (Quick Emulator) no ignora la señal SIGPIPE, lo que permite a atacantes remotos provocar una denegación de servicio desconectando el proceso durante un intento de respuesta de servidor a cliente. Quick Emulator (QEMU) built with the Network Block Device (NBD) Server support is vulnerable to a crash via a SIGPIPE signal. The crash can occur if a client aborts a connection due to any failure during negotiation or read operation. A remote user/process could use this flaw to crash the qemu-nbd server resulting in a Denial of Service (DoS). • http://www.debian.org/security/2017/dsa-3920 http://www.openwall.com/lists/oss-security/2017/06/29/1 http://www.securityfocus.com/bid/99513 https://access.redhat.com/errata/RHSA-2017:2390 https://access.redhat.com/errata/RHSA-2017:2445 https://access.redhat.com/errata/RHSA-2017:3466 https://access.redhat.com/errata/RHSA-2017:3470 https://access.redhat.com/errata/RHSA-2017:3471 https://access.redhat.com/errata/RHSA-2017:3472 https://access.redhat.com/errata/RH • CWE-248: Uncaught Exception •

CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0

The dhcp_decode function in slirp/bootp.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (out-of-bounds read and QEMU process crash) via a crafted DHCP options string. La función dhcp_decode en el archivo slirp/bootp.c en QEMU (conocido como Quick Emulator), permite a los usuarios de sistemas operativos invitados locales causar una denegación de servicio (lectura fuera de límites y bloqueo del proceso QEMU) por medio de una cadena de opciones DHCP creada. • http://www.debian.org/security/2017/dsa-3925 http://www.openwall.com/lists/oss-security/2017/07/19/2 http://www.securityfocus.com/bid/99923 https://bugzilla.redhat.com/show_bug.cgi?id=1472611 https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html https://lists.gnu.org/archive/html/qemu-devel/2017-07/msg05001.html • CWE-125: Out-of-bounds Read •

CVSS: 7.5EPSS: 4%CPEs: 2EXPL: 0

The qemu-nbd server in QEMU (aka Quick Emulator), when built with the Network Block Device (NBD) Server support, allows remote attackers to cause a denial of service (segmentation fault and server crash) by leveraging failure to ensure that all initialization occurs before talking to a client in the nbd_negotiate function. El servidor qemu-nbd en QEMU (también se conoce como Quick Emulator), cuando se ensambló con el soporte del servidor Network Block Device (NBD), permite a los atacantes remotos causar una denegación de servicio (fallo de segmentación y fallo del servidor) aprovechando el fallo para garantizar que toda la inicialización ocurre antes de hablar con un cliente en la función nbd_negotiate. Quick Emulator (QEMU) built with Network Block Device (NBD) Server support was vulnerable to a null-pointer dereference issue. The flaw could occur when releasing a client that was not initialized due to failed negotiation. A remote user or process could exploit this flaw to crash the qemu-nbd server (denial of service). • http://www.debian.org/security/2017/dsa-3925 http://www.openwall.com/lists/oss-security/2017/06/12/1 http://www.securityfocus.com/bid/99011 https://access.redhat.com/errata/RHSA-2017:1681 https://access.redhat.com/errata/RHSA-2017:1682 https://access.redhat.com/errata/RHSA-2017:2408 https://lists.gnu.org/archive/html/qemu-devel/2017-05/msg06240.html https://lists.gnu.org/archive/html/qemu-devel/2017-06/msg02321.html https://access.redhat.com/security/cve/CVE&# • CWE-20: Improper Input Validation CWE-476: NULL Pointer Dereference •

CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0

Memory leak in QEMU (aka Quick Emulator), when built with IDE AHCI Emulation support, allows local guest OS privileged users to cause a denial of service (memory consumption) by repeatedly hot-unplugging the AHCI device. Una pérdida de memoria en QEMU (conocido como Quick Emulator), cuando se ensambla con el soporte de Emulación AHCI IDE, permite a los usuarios privilegiados del sistema operativo invitado local causar una denegación de servicio (consumo de memoria) mediante una desconexión del dispositivo AHCI repetidamente. • http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=d68f0f778e7f4fbd674627274267f269e40f0b04 http://www.debian.org/security/2017/dsa-3920 http://www.openwall.com/lists/oss-security/2017/06/05/1 http://www.securityfocus.com/bid/98921 https://access.redhat.com/errata/RHSA-2017:2392 https://access.redhat.com/errata/RHSA-2017:2408 https://bugzilla.redhat.com/show_bug.cgi?id=1458270 https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html https://access.redhat.com/security&#x • CWE-401: Missing Release of Memory after Effective Lifetime CWE-772: Missing Release of Resource after Effective Lifetime •