CVE-2017-9373 – Qemu: ide: ahci host memory leakage during hotunplug
https://notcve.org/view.php?id=CVE-2017-9373
Memory leak in QEMU (aka Quick Emulator), when built with IDE AHCI Emulation support, allows local guest OS privileged users to cause a denial of service (memory consumption) by repeatedly hot-unplugging the AHCI device. Una pérdida de memoria en QEMU (conocido como Quick Emulator), cuando se ensambla con el soporte de Emulación AHCI IDE, permite a los usuarios privilegiados del sistema operativo invitado local causar una denegación de servicio (consumo de memoria) mediante una desconexión del dispositivo AHCI repetidamente. • http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=d68f0f778e7f4fbd674627274267f269e40f0b04 http://www.debian.org/security/2017/dsa-3920 http://www.openwall.com/lists/oss-security/2017/06/05/1 http://www.securityfocus.com/bid/98921 https://access.redhat.com/errata/RHSA-2017:2392 https://access.redhat.com/errata/RHSA-2017:2408 https://bugzilla.redhat.com/show_bug.cgi?id=1458270 https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html https://access.redhat.com/security • CWE-401: Missing Release of Memory after Effective Lifetime CWE-772: Missing Release of Resource after Effective Lifetime •
CVE-2017-9374 – Qemu: usb: ehci host memory leakage during hotunplug
https://notcve.org/view.php?id=CVE-2017-9374
Memory leak in QEMU (aka Quick Emulator), when built with USB EHCI Emulation support, allows local guest OS privileged users to cause a denial of service (memory consumption) by repeatedly hot-unplugging the device. Una pérdida de memoria en QEMU (conocido como Quick Emulator), cuando se ensambla con el soporte de emulación EHCI USB, permite a los usuarios privilegiados del sistema operativo invitado local causar una denegación de servicio (consumo de memoria) mediante una desconexión del dispositivo repetidamente. • http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=d710e1e7bd3d5bfc26b631f02ae87901ebe646b0 http://www.debian.org/security/2017/dsa-3920 http://www.openwall.com/lists/oss-security/2017/06/06/3 http://www.securityfocus.com/bid/98905 https://access.redhat.com/errata/RHSA-2017:2392 https://access.redhat.com/errata/RHSA-2017:2408 https://bugzilla.redhat.com/show_bug.cgi?id=1459132 https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html https://access.redhat.com/security • CWE-401: Missing Release of Memory after Effective Lifetime CWE-772: Missing Release of Resource after Effective Lifetime •
CVE-2017-9503
https://notcve.org/view.php?id=CVE-2017-9503
QEMU (aka Quick Emulator), when built with MegaRAID SAS 8708EM2 Host Bus Adapter emulation support, allows local guest OS privileged users to cause a denial of service (NULL pointer dereference and QEMU process crash) via vectors involving megasas command processing. QEMU (conocido como Quick Emulator), cuando se ensambla con el soporte de emulación del adaptador de bus host SAS 8708EM2 de MegaRAID, permite a los usuarios privilegiados del sistema operativo invitado local causar una denegación de servicio (desreferencia del puntero NULL y bloqueo del proceso QEMU) por medio de vectores que involucran el procesamiento de comandos megasas. • http://www.openwall.com/lists/oss-security/2017/06/08/1 http://www.securityfocus.com/bid/99010 https://bugzilla.redhat.com/show_bug.cgi?id=1459477 https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html https://lists.debian.org/debian-lts-announce/2020/07/msg00020.html https://lists.gnu.org/archive/html/qemu-devel/2017-06/msg01309.html https://lists.gnu.org/archive/html/qemu-devel/2017-06/msg01313.html • CWE-476: NULL Pointer Dereference •
CVE-2017-9375 – Qemu: usb: xhci infinite recursive call via xhci_kick_ep
https://notcve.org/view.php?id=CVE-2017-9375
QEMU (aka Quick Emulator), when built with USB xHCI controller emulator support, allows local guest OS privileged users to cause a denial of service (infinite recursive call) via vectors involving control transfer descriptors sequencing. QEMU (conocido como Quick Emulator), cuando se ensambla con el soporte del emulador controlador xHCI USB, permite a los usuarios privilegiados del sistema operativo invitado local causar una denegación de servicio (llamada recursiva infinita) por medio de vectores que involucran la secuencia de descriptores de transferencia de control. • http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=96d87bdda3919bb16f754b3d3fd1227e1f38f13c http://www.debian.org/security/2017/dsa-3991 http://www.openwall.com/lists/oss-security/2017/06/05/2 http://www.securityfocus.com/bid/98915 https://access.redhat.com/errata/RHSA-2017:2392 https://access.redhat.com/errata/RHSA-2017:2408 https://bugzilla.redhat.com/show_bug.cgi?id=1458744 https://lists.debian.org/debian-lts-announce/2019/09/msg00021.html https://access.redhat.com/security • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVE-2017-9310 – Qemu: net: infinite loop in e1000e NIC emulation
https://notcve.org/view.php?id=CVE-2017-9310
QEMU (aka Quick Emulator), when built with the e1000e NIC emulation support, allows local guest OS privileged users to cause a denial of service (infinite loop) via vectors related to setting the initial receive / transmit descriptor head (TDH/RDH) outside the allocated descriptor buffer. QEMU (también conocido como Quick Emulator), cuando se integra con soporte de emulación e1000e NIC, permite que usuarios privilegiados invitados locales del sistema operativo provoquen una denegación de servicio (bucle infinito) mediante vectores relacionados con la colocación de la cabecera receive/transmit del descriptor TDH/RDH???? fuera del búfer del descriptor asignado. • http://git.qemu.org/?p=qemu.git%3Ba=commitdiff%3Bh=4154c7e03fa55b4cf52509a83d50d6c09d743b7 http://www.debian.org/security/2017/dsa-3920 http://www.openwall.com/lists/oss-security/2017/05/31/1 http://www.securityfocus.com/bid/98766 https://access.redhat.com/errata/RHSA-2017:2392 https://access.redhat.com/errata/RHSA-2017:2408 https://bugzilla.redhat.com/show_bug.cgi?id=1452620 https://security.gentoo.org/glsa/201706-03 https://access.redhat.com/security/cve/CVE-2017-9310 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •