NotCVE - vendor:"Debian" product:"Debian Linux" version:"4.0"

Page 25 of 382 results (0.016 seconds)

CVSS: 6.5EPSS: 0%CPEs: 10EXPL: 0

CVE-2016-9911 – Qemu: usb: ehci: memory leakage in ehci_init_transfer

https://notcve.org/view.php?id=CVE-2016-9911

Quick Emulator (Qemu) built with the USB EHCI Emulation support is vulnerable to a memory leakage issue. It could occur while processing packet data in 'ehci_init_transfer'. A guest user/process could use this issue to leak host memory, resulting in DoS for a host. Quick Emulator (Qemu) construido con el soporte USB EHCI Emulation es vulnerable a un problema de fuga de memoria. Podría ocurrir mientras se procesan paquetes de datos en 'ehci_init_transfer'. • http://www.openwall.com/lists/oss-security/2016/12/08/5 http://www.securityfocus.com/bid/94762 https://access.redhat.com/errata/RHSA-2017:2392 https://access.redhat.com/errata/RHSA-2017:2408 https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html https://security.gentoo.org/glsa/201701-49 https://access.redhat.com/security/cve/CVE-2016-9911 https://bugzilla.redhat.com/show_bug.cgi?id=1402272 • CWE-244: Improper Clearing of Heap Memory Before Release ('Heap Inspection') CWE-772: Missing Release of Resource after Effective Lifetime •

CVSS: 6.0EPSS: 0%CPEs: 4EXPL: 0

CVE-2016-6835 – Qemu: net: vmxnet: buffer overflow in vmxnet_tx_pkt_parse_headers() in vmxnet3 device emulation

https://notcve.org/view.php?id=CVE-2016-6835

The vmxnet_tx_pkt_parse_headers function in hw/net/vmxnet_tx_pkt.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (buffer over-read) by leveraging failure to check IP header length. La función vmxnet_tx_pkt_parse_headers en hw/net/vmxnet_tx_pkt.c en QEMU (también conocido como Quick Emulator) permite a administradores locales del SO invitado provocar una denegación de servicio (sobre lectura del búfer) aprovechando el fallo para comprobar la longitud del encabezado IP. • http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=93060258ae748573ca7197204125a2670047896d http://www.openwall.com/lists/oss-security/2016/08/11/7 http://www.openwall.com/lists/oss-security/2016/08/18/4 https://access.redhat.com/errata/RHSA-2017:2392 https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html https://lists.gnu.org/archive/html/qemu-stable/2016-08/msg00077.html https://access.redhat.com/security/cve/CVE-2016-6835 https://bugzilla.redhat.com/show_bug • CWE-122: Heap-based Buffer Overflow •

CVSS: 6.0EPSS: 0%CPEs: 11EXPL: 0

CVE-2016-8576 – Qemu: usb: xHCI: infinite loop vulnerability in xhci_ring_fetch

https://notcve.org/view.php?id=CVE-2016-8576

The xhci_ring_fetch function in hw/usb/hcd-xhci.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) by leveraging failure to limit the number of link Transfer Request Blocks (TRB) to process. La función xhci_ring_fetch en hw/usb/hcd-xhci.c en QEMU (también conocido como Quick Emulator) permite a administradores locales del SO invitado provocar una denegación de servicio (bucle infinito y caída del proceso QEMU) aprovechando el fallo para limitar el número de enlaces Transfer Request Blocks (TRB) al proceso. • http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=05f43d44e4bc26611ce25fd7d726e483f73363ce http://lists.opensuse.org/opensuse-updates/2016-12/msg00140.html http://www.openwall.com/lists/oss-security/2016/10/10/12 http://www.openwall.com/lists/oss-security/2016/10/10/6 http://www.securityfocus.com/bid/93469 https://access.redhat.com/errata/RHSA-2017:2392 https://access.redhat.com/errata/RHSA-2017:2408 https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html https:/&# • CWE-770: Allocation of Resources Without Limits or Throttling CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •

CVSS: 6.0EPSS: 0%CPEs: 11EXPL: 0

CVE-2016-8909 – Qemu: audio: intel-hda: infinite loop in processing dma buffer stream

https://notcve.org/view.php?id=CVE-2016-8909

The intel_hda_xfer function in hw/audio/intel-hda.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) via an entry with the same value for buffer length and pointer position. La función intel_hda_xfer en hw/audio/intel-hda.c en QEMU (también conocido como Quick Emulator) permite a administradores locales del SO invitado provocar una denegación de servicio (bucle infinito y consumo de CPU) a través de una entrada con el mismo valor para la longitud del búfer y posición del puntero. • http://lists.opensuse.org/opensuse-updates/2016-12/msg00140.html http://www.openwall.com/lists/oss-security/2016/10/24/1 http://www.openwall.com/lists/oss-security/2016/10/24/4 http://www.securityfocus.com/bid/93842 https://access.redhat.com/errata/RHSA-2017:2392 https://access.redhat.com/errata/RHSA-2017:2408 https://lists.debian.org/debian-lts-announce/2018/11/msg00038.html https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg04682.html https://security. • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •

CVSS: 6.0EPSS: 0%CPEs: 11EXPL: 0

CVE-2016-8910 – Qemu: net: rtl8139: infinite loop while transmit in C+ mode

https://notcve.org/view.php?id=CVE-2016-8910

The rtl8139_cplus_transmit function in hw/net/rtl8139.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) by leveraging failure to limit the ring descriptor count. La función rtl8139_cplus_transmit en hw/net/rtl8139.c en QEMU (también conocido como Quick Emulator) permite a administradores locales del SO invitado provocar una denegación de servicio (bucle infinito y consumo de CPU) aprovechando el fallo para limitar el recuento del descriptor del anillo. • http://lists.opensuse.org/opensuse-updates/2016-12/msg00140.html http://www.openwall.com/lists/oss-security/2016/10/24/2 http://www.openwall.com/lists/oss-security/2016/10/24/5 http://www.securityfocus.com/bid/93844 https://access.redhat.com/errata/RHSA-2017:2392 https://access.redhat.com/errata/RHSA-2017:2408 https://lists.debian.org/debian-lts-announce/2018/11/msg00038.html https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg05495.html https://security. • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •

1...23 24 25 26 27