CVE-2017-7471
https://notcve.org/view.php?id=CVE-2017-7471
Quick Emulator (Qemu) built with the VirtFS, host directory sharing via Plan 9 File System (9pfs) support, is vulnerable to an improper access control issue. It could occur while accessing files on a shared host directory. A privileged user inside guest could use this flaw to access host file system beyond the shared folder and potentially escalating their privileges on a host. Quick Emulator (Qemu) interado con VirtFS, compartición de directorios host mediante el soporte 9pfs (Plan 9 File System), es vulnerable a un control de acceso incorrecto. Podría ocurrir cuando se acceden a archivos en un directorio host compartido. • http://www.openwall.com/lists/oss-security/2017/04/19/2 http://www.securityfocus.com/bid/97970 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7471 https://git.qemu.org/?p=qemu.git%3Ba=commitdiff%3Bh=9c6b899f7a46893ab3b671e341a2234e9c0c060e https://security.gentoo.org/glsa/201706-03 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVE-2017-8380
https://notcve.org/view.php?id=CVE-2017-8380
Buffer overflow in the "megasas_mmio_write" function in Qemu 2.9.0 allows remote attackers to have unspecified impact via unknown vectors. Un desbordamiento de búfer en la función "megasas_mmio_write" en Qemu 2.9.0 permite que atacantes remotos provoquen un impacto sin especificar mediante vectores sin especificar. • http://www.securityfocus.com/bid/98303 https://lists.gnu.org/archive/html/qemu-devel/2017-04/msg04147.html https://security.gentoo.org/glsa/201706-03 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2017-9330
https://notcve.org/view.php?id=CVE-2017-9330
QEMU (aka Quick Emulator) before 2.9.0, when built with the USB OHCI Emulation support, allows local guest OS users to cause a denial of service (infinite loop) by leveraging an incorrect return value, a different vulnerability than CVE-2017-6505. QEMU (también conocido como Quick Emulator), cuando se integra con soporte USB OHCI Emulation, permite que usuarios invitados locales del sistema operativo provoquen una denegación de servicio (bucle infinito) aprovechando un valor de retorno incorrecto. • http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=26f670a244982335cc08943fb1ec099a2c81e42d http://www.debian.org/security/2017/dsa-3920 http://www.openwall.com/lists/oss-security/2017/06/01/3 http://www.securityfocus.com/bid/98779 https://bugzilla.redhat.com/show_bug.cgi?id=1457697 https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html https://security.gentoo.org/glsa/201706-03 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVE-2017-9060
https://notcve.org/view.php?id=CVE-2017-9060
Memory leak in the virtio_gpu_set_scanout function in hw/display/virtio-gpu.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (memory consumption) via a large number of "VIRTIO_GPU_CMD_SET_SCANOUT:" commands. Filtrado de memoria en la función virtio_gpu_set_scanout en hw/display/virtio-gpu.c en QEMU (también conocido como Quick Emulator) permite que usuarios invitados locales del sistema operativo provoquen una denegación de servicio (consumo de memoria) mediante un gran número de comandos "VIRTIO_GPU_CMD_SET_SCANOUT:". • http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=dd248ed7e204ee8a1873914e02b8b526e8f1b80d http://www.openwall.com/lists/oss-security/2017/05/19/1 http://www.securityfocus.com/bid/98632 https://bugzilla.redhat.com/show_bug.cgi?id=1452597 https://security.gentoo.org/glsa/201706-03 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVE-2017-7493
https://notcve.org/view.php?id=CVE-2017-7493
Quick Emulator (Qemu) built with the VirtFS, host directory sharing via Plan 9 File System(9pfs) support, is vulnerable to an improper access control issue. It could occur while accessing virtfs metadata files in mapped-file security mode. A guest user could use this flaw to escalate their privileges inside guest. Quick Emulator (Qemu) integrado con VirtFS, con soporte para la compartición de directorios de host mediante Plan 9 File System(9pfs), es vulnerable a un problema de control de acceso incorrecto. Podría ocurrir mientras se accede a archivos de metadatos de virtfs en modo de seguridad mapped-file. • http://seclists.org/oss-sec/2017/q2/278 http://www.securityfocus.com/bid/98574 https://bugzilla.redhat.com/show_bug.cgi?id=1451709 https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html https://lists.gnu.org/archive/html/qemu-devel/2017-05/msg03663.html https://security.gentoo.org/glsa/201706-03 • CWE-732: Incorrect Permission Assignment for Critical Resource •