CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2017-11434
https://notcve.org/view.php?id=CVE-2017-11434
The dhcp_decode function in slirp/bootp.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (out-of-bounds read and QEMU process crash) via a crafted DHCP options string. La función dhcp_decode en el archivo slirp/bootp.c en QEMU (conocido como Quick Emulator), permite a los usuarios de sistemas operativos invitados locales causar una denegación de servicio (lectura fuera de límites y bloqueo del proceso QEMU) por medio de una cadena de opciones DHCP creada. • http://www.debian.org/security/2017/dsa-3925 http://www.openwall.com/lists/oss-security/2017/07/19/2 http://www.securityfocus.com/bid/99923 https://bugzilla.redhat.com/show_bug.cgi?id=1472611 https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html https://lists.gnu.org/archive/html/qemu-devel/2017-07/msg05001.html • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 4%CPEs: 2EXPL: 0CVE-2017-9524 – Qemu: nbd: segmentation fault due to client non-negotiation
https://notcve.org/view.php?id=CVE-2017-9524
The qemu-nbd server in QEMU (aka Quick Emulator), when built with the Network Block Device (NBD) Server support, allows remote attackers to cause a denial of service (segmentation fault and server crash) by leveraging failure to ensure that all initialization occurs before talking to a client in the nbd_negotiate function. El servidor qemu-nbd en QEMU (también se conoce como Quick Emulator), cuando se ensambló con el soporte del servidor Network Block Device (NBD), permite a los atacantes remotos causar una denegación de servicio (fallo de segmentación y fallo del servidor) aprovechando el fallo para garantizar que toda la inicialización ocurre antes de hablar con un cliente en la función nbd_negotiate. Quick Emulator (QEMU) built with Network Block Device (NBD) Server support was vulnerable to a null-pointer dereference issue. The flaw could occur when releasing a client that was not initialized due to failed negotiation. A remote user or process could exploit this flaw to crash the qemu-nbd server (denial of service). • http://www.debian.org/security/2017/dsa-3925 http://www.openwall.com/lists/oss-security/2017/06/12/1 http://www.securityfocus.com/bid/99011 https://access.redhat.com/errata/RHSA-2017:1681 https://access.redhat.com/errata/RHSA-2017:1682 https://access.redhat.com/errata/RHSA-2017:2408 https://lists.gnu.org/archive/html/qemu-devel/2017-05/msg06240.html https://lists.gnu.org/archive/html/qemu-devel/2017-06/msg02321.html https://access.redhat.com/security/cve/CVE&# • CWE-20: Improper Input Validation CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2017-9503
https://notcve.org/view.php?id=CVE-2017-9503
QEMU (aka Quick Emulator), when built with MegaRAID SAS 8708EM2 Host Bus Adapter emulation support, allows local guest OS privileged users to cause a denial of service (NULL pointer dereference and QEMU process crash) via vectors involving megasas command processing. QEMU (conocido como Quick Emulator), cuando se ensambla con el soporte de emulación del adaptador de bus host SAS 8708EM2 de MegaRAID, permite a los usuarios privilegiados del sistema operativo invitado local causar una denegación de servicio (desreferencia del puntero NULL y bloqueo del proceso QEMU) por medio de vectores que involucran el procesamiento de comandos megasas. • http://www.openwall.com/lists/oss-security/2017/06/08/1 http://www.securityfocus.com/bid/99010 https://bugzilla.redhat.com/show_bug.cgi?id=1459477 https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html https://lists.debian.org/debian-lts-announce/2020/07/msg00020.html https://lists.gnu.org/archive/html/qemu-devel/2017-06/msg01309.html https://lists.gnu.org/archive/html/qemu-devel/2017-06/msg01313.html • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2017-9373 – Qemu: ide: ahci host memory leakage during hotunplug
https://notcve.org/view.php?id=CVE-2017-9373
Memory leak in QEMU (aka Quick Emulator), when built with IDE AHCI Emulation support, allows local guest OS privileged users to cause a denial of service (memory consumption) by repeatedly hot-unplugging the AHCI device. Una pérdida de memoria en QEMU (conocido como Quick Emulator), cuando se ensambla con el soporte de Emulación AHCI IDE, permite a los usuarios privilegiados del sistema operativo invitado local causar una denegación de servicio (consumo de memoria) mediante una desconexión del dispositivo AHCI repetidamente. • http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=d68f0f778e7f4fbd674627274267f269e40f0b04 http://www.debian.org/security/2017/dsa-3920 http://www.openwall.com/lists/oss-security/2017/06/05/1 http://www.securityfocus.com/bid/98921 https://access.redhat.com/errata/RHSA-2017:2392 https://access.redhat.com/errata/RHSA-2017:2408 https://bugzilla.redhat.com/show_bug.cgi?id=1458270 https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html https://access.redhat.com/security&#x • CWE-401: Missing Release of Memory after Effective Lifetime CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-9374 – Qemu: usb: ehci host memory leakage during hotunplug
https://notcve.org/view.php?id=CVE-2017-9374
Memory leak in QEMU (aka Quick Emulator), when built with USB EHCI Emulation support, allows local guest OS privileged users to cause a denial of service (memory consumption) by repeatedly hot-unplugging the device. Una pérdida de memoria en QEMU (conocido como Quick Emulator), cuando se ensambla con el soporte de emulación EHCI USB, permite a los usuarios privilegiados del sistema operativo invitado local causar una denegación de servicio (consumo de memoria) mediante una desconexión del dispositivo repetidamente. • http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=d710e1e7bd3d5bfc26b631f02ae87901ebe646b0 http://www.debian.org/security/2017/dsa-3920 http://www.openwall.com/lists/oss-security/2017/06/06/3 http://www.securityfocus.com/bid/98905 https://access.redhat.com/errata/RHSA-2017:2392 https://access.redhat.com/errata/RHSA-2017:2408 https://bugzilla.redhat.com/show_bug.cgi?id=1459132 https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html https://access.redhat.com/security&#x • CWE-401: Missing Release of Memory after Effective Lifetime CWE-772: Missing Release of Resource after Effective Lifetime •