Page 30 of 306 results (0.004 seconds)

CVSS: 6.5EPSS: 0%CPEs: 8EXPL: 0

CVE-2017-5579 – Qemu: serial: host memory leakage 16550A UART emulation

https://notcve.org/view.php?id=CVE-2017-5579

Memory leak in the serial_exit_core function in hw/char/serial.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption and QEMU process crash) via a large number of device unplug operations. Pérdida de memoria en la función serial_exit_core en hw/char/serial.c en QEMU (también conocido como Quick Emulator) permite a usuarios locales privilegiados del SO invitado provocar una denegación de servicio (consumo de memoria del host y caída del proceso QEMU) a través de un gran número de operaciones de desenchufado del dispositivo . • http://git.qemu-project.org/?p=qemu.git%3Ba=commit%3Bh=8409dc884a201bf74b30a9d232b6bbdd00cb7e2b http://www.openwall.com/lists/oss-security/2017/01/24/8 http://www.openwall.com/lists/oss-security/2017/01/25/3 http://www.securityfocus.com/bid/95780 https://access.redhat.com/errata/RHSA-2017:2392 https://access.redhat.com/errata/RHSA-2017:2408 https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html https://security.gentoo.org/glsa/201702-28 https://access.redhat • CWE-401: Missing Release of Memory after Effective Lifetime CWE-772: Missing Release of Resource after Effective Lifetime •

CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0

CVE-2017-5898 – Qemu: usb: integer overflow in emulated_apdu_from_guest

https://notcve.org/view.php?id=CVE-2017-5898

Integer overflow in the emulated_apdu_from_guest function in usb/dev-smartcard-reader.c in Quick Emulator (Qemu), when built with the CCID Card device emulator support, allows local users to cause a denial of service (application crash) via a large Application Protocol Data Units (APDU) unit. Desbordamiento de entero en la función emulated_apdu_from_guest en usb/dev-smartcard-reader.c en Quick Emulator (Qemu), cuando se construye con el soporte de emulador de dispositivo de CCID Card, permite a usuarios locales provocar una denegación de servicio (caída de aplicación) a través de una unidad Unidad de datos de protocolo (APDU) grande. An integer overflow flaw was found in Quick Emulator (QEMU) in the CCID Card device support. The flaw could occur while passing messages via command/response packets to and from the host. A privileged user inside a guest could use this flaw to crash the QEMU process. • http://git.qemu-project.org/?p=qemu.git%3Ba=commit%3Bh=c7dfbf322595ded4e70b626bf83158a9f3807c6a http://lists.opensuse.org/opensuse-security-announce/2017-02/msg00045.html http://lists.opensuse.org/opensuse-security-announce/2017-02/msg00048.html http://www.openwall.com/lists/oss-security/2017/02/07/3 http://www.securityfocus.com/bid/96112 https://access.redhat.com/errata/RHSA-2017:1856 https://access.redhat.com/errata/RHSA-2017:2392 https://bugzilla.redhat.com/show_bug.cgi?id=1419699 htt • CWE-190: Integer Overflow or Wraparound •

CVSS: 6.0EPSS: 0%CPEs: 2EXPL: 0

CVE-2016-10155 – Qemu: watchdog: memory leakage in virtual hardware watchdog wdt_i6300esb

https://notcve.org/view.php?id=CVE-2016-10155

Memory leak in hw/watchdog/wdt_i6300esb.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption and QEMU process crash) via a large number of device unplug operations. Pérdida de memoria en hw/watchdog/wdt_i6300esb.c en QEMU (también conocido como Quick Emulator) permite a usuarios locales privilegiados locales del SO invitado provocar una denegación de servicio (consumo de memoria del host y caída del proceso QEMU) a través de un gran número de operaciones de desenchufado del dispositivo. • http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=eb7a20a3616085d46aa6b4b4224e15587ec67e6e http://www.openwall.com/lists/oss-security/2017/01/20/14 http://www.openwall.com/lists/oss-security/2017/01/21/4 http://www.securityfocus.com/bid/95770 https://access.redhat.com/errata/RHSA-2017:2392 https://access.redhat.com/errata/RHSA-2017:2408 https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html https://security.gentoo.org/glsa/201702-28 https://access.redhat.com/ • CWE-401: Missing Release of Memory after Effective Lifetime CWE-772: Missing Release of Resource after Effective Lifetime •

CVSS: 9.0EPSS: 0%CPEs: 2EXPL: 0

CVE-2016-9602

https://notcve.org/view.php?id=CVE-2016-9602

Qemu before version 2.9 is vulnerable to an improper link following when built with the VirtFS. A privileged user inside guest could use this flaw to access host file system beyond the shared folder and potentially escalating their privileges on a host. Qemu en versiones anteriores a la 2.9 es vulnerable a un seguimiento de enlace incorrecto cuando se construye con VirtFS. Un usuario privilegiado en guest podría utilizar este fallo para acceder al sistema de archivos del host más allá de la carpeta compartida, pudiendo escalar sus privilegios en un host. • http://www.openwall.com/lists/oss-security/2017/01/17/12 http://www.securityfocus.com/bid/95461 http://www.securitytracker.com/id/1037604 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-9602 https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html https://lists.gnu.org/archive/html/qemu-devel/2017-01/msg06225.html https://lists.gnu.org/archive/html/qemu-devel/2017-02/msg04347.html https://security.gentoo.org/glsa/201704-01 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

CVE-2016-10028

https://notcve.org/view.php?id=CVE-2016-10028

The virgl_cmd_get_capset function in hw/display/virtio-gpu-3d.c in QEMU (aka Quick Emulator) built with Virtio GPU Device emulator support allows local guest OS users to cause a denial of service (out-of-bounds read and process crash) via a VIRTIO_GPU_CMD_GET_CAPSET command with a maximum capabilities size with a value of 0. La función virgl_cmd_get_capset en hw/display/virtio-gpu-3d.c en QEMU (también conocido como Quick Emulator) construido con el apoyo del emulador Virtio GPU Device permite a usuarios locales del SO invitado provocar una denegación de servicio (lectura fuera de límites y caída del proceso) a través de un comando VIRTIO_GPU_CMD_GET_CAPSET con un tamaño de capacidades con un valor de 0. • http://git.qemu-project.org/?p=qemu.git%3Ba=commit%3Bh=abd7f08b2353f43274b785db8c7224f082ef4d31 http://www.openwall.com/lists/oss-security/2016/12/20/1 http://www.openwall.com/lists/oss-security/2016/12/22/14 http://www.securityfocus.com/bid/94981 http://www.securitytracker.com/id/1037525 https://lists.gnu.org/archive/html/qemu-devel/2016-12/msg01903.html https://security.gentoo.org/glsa/201701-49 • CWE-125: Out-of-bounds Read •