CVE-2017-9503
https://notcve.org/view.php?id=CVE-2017-9503
QEMU (aka Quick Emulator), when built with MegaRAID SAS 8708EM2 Host Bus Adapter emulation support, allows local guest OS privileged users to cause a denial of service (NULL pointer dereference and QEMU process crash) via vectors involving megasas command processing. QEMU (conocido como Quick Emulator), cuando se ensambla con el soporte de emulación del adaptador de bus host SAS 8708EM2 de MegaRAID, permite a los usuarios privilegiados del sistema operativo invitado local causar una denegación de servicio (desreferencia del puntero NULL y bloqueo del proceso QEMU) por medio de vectores que involucran el procesamiento de comandos megasas. • http://www.openwall.com/lists/oss-security/2017/06/08/1 http://www.securityfocus.com/bid/99010 https://bugzilla.redhat.com/show_bug.cgi?id=1459477 https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html https://lists.debian.org/debian-lts-announce/2020/07/msg00020.html https://lists.gnu.org/archive/html/qemu-devel/2017-06/msg01309.html https://lists.gnu.org/archive/html/qemu-devel/2017-06/msg01313.html • CWE-476: NULL Pointer Dereference •
CVE-2017-9375 – Qemu: usb: xhci infinite recursive call via xhci_kick_ep
https://notcve.org/view.php?id=CVE-2017-9375
QEMU (aka Quick Emulator), when built with USB xHCI controller emulator support, allows local guest OS privileged users to cause a denial of service (infinite recursive call) via vectors involving control transfer descriptors sequencing. QEMU (conocido como Quick Emulator), cuando se ensambla con el soporte del emulador controlador xHCI USB, permite a los usuarios privilegiados del sistema operativo invitado local causar una denegación de servicio (llamada recursiva infinita) por medio de vectores que involucran la secuencia de descriptores de transferencia de control. • http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=96d87bdda3919bb16f754b3d3fd1227e1f38f13c http://www.debian.org/security/2017/dsa-3991 http://www.openwall.com/lists/oss-security/2017/06/05/2 http://www.securityfocus.com/bid/98915 https://access.redhat.com/errata/RHSA-2017:2392 https://access.redhat.com/errata/RHSA-2017:2408 https://bugzilla.redhat.com/show_bug.cgi?id=1458744 https://lists.debian.org/debian-lts-announce/2019/09/msg00021.html https://access.redhat.com/security • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVE-2017-9310 – Qemu: net: infinite loop in e1000e NIC emulation
https://notcve.org/view.php?id=CVE-2017-9310
QEMU (aka Quick Emulator), when built with the e1000e NIC emulation support, allows local guest OS privileged users to cause a denial of service (infinite loop) via vectors related to setting the initial receive / transmit descriptor head (TDH/RDH) outside the allocated descriptor buffer. QEMU (también conocido como Quick Emulator), cuando se integra con soporte de emulación e1000e NIC, permite que usuarios privilegiados invitados locales del sistema operativo provoquen una denegación de servicio (bucle infinito) mediante vectores relacionados con la colocación de la cabecera receive/transmit del descriptor TDH/RDH???? fuera del búfer del descriptor asignado. • http://git.qemu.org/?p=qemu.git%3Ba=commitdiff%3Bh=4154c7e03fa55b4cf52509a83d50d6c09d743b7 http://www.debian.org/security/2017/dsa-3920 http://www.openwall.com/lists/oss-security/2017/05/31/1 http://www.securityfocus.com/bid/98766 https://access.redhat.com/errata/RHSA-2017:2392 https://access.redhat.com/errata/RHSA-2017:2408 https://bugzilla.redhat.com/show_bug.cgi?id=1452620 https://security.gentoo.org/glsa/201706-03 https://access.redhat.com/security/cve/CVE-2017-9310 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVE-2017-7471
https://notcve.org/view.php?id=CVE-2017-7471
Quick Emulator (Qemu) built with the VirtFS, host directory sharing via Plan 9 File System (9pfs) support, is vulnerable to an improper access control issue. It could occur while accessing files on a shared host directory. A privileged user inside guest could use this flaw to access host file system beyond the shared folder and potentially escalating their privileges on a host. Quick Emulator (Qemu) interado con VirtFS, compartición de directorios host mediante el soporte 9pfs (Plan 9 File System), es vulnerable a un control de acceso incorrecto. Podría ocurrir cuando se acceden a archivos en un directorio host compartido. • http://www.openwall.com/lists/oss-security/2017/04/19/2 http://www.securityfocus.com/bid/97970 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7471 https://git.qemu.org/?p=qemu.git%3Ba=commitdiff%3Bh=9c6b899f7a46893ab3b671e341a2234e9c0c060e https://security.gentoo.org/glsa/201706-03 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVE-2017-9330
https://notcve.org/view.php?id=CVE-2017-9330
QEMU (aka Quick Emulator) before 2.9.0, when built with the USB OHCI Emulation support, allows local guest OS users to cause a denial of service (infinite loop) by leveraging an incorrect return value, a different vulnerability than CVE-2017-6505. QEMU (también conocido como Quick Emulator), cuando se integra con soporte USB OHCI Emulation, permite que usuarios invitados locales del sistema operativo provoquen una denegación de servicio (bucle infinito) aprovechando un valor de retorno incorrecto. • http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=26f670a244982335cc08943fb1ec099a2c81e42d http://www.debian.org/security/2017/dsa-3920 http://www.openwall.com/lists/oss-security/2017/06/01/3 http://www.securityfocus.com/bid/98779 https://bugzilla.redhat.com/show_bug.cgi?id=1457697 https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html https://security.gentoo.org/glsa/201706-03 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •