Page 42 of 305 results (0.006 seconds)

CVSS: 4.4EPSS: 0%CPEs: 5EXPL: 0

The megasas_dcmd_cfg_read function in hw/scsi/megasas.c in QEMU, when built with MegaRAID SAS 8708EM2 Host Bus Adapter emulation support, uses an uninitialized variable, which allows local guest administrators to read host memory via vectors involving a MegaRAID Firmware Interface (MFI) command. La función megasas_dcmd_cfg_read en hw/scsi/megasas.c en QEMU, cuando está construido con el soporte de emulación MegaRAID SAS 8708EM2 Host Bus Adapter, utiliza una variable sin inicializar, lo que permite a administradores locales invitados leer memoria de anfitrión a través de vectores que implican un comando MegaRAID Firmware Interface (MFI). • http://www.openwall.com/lists/oss-security/2016/05/25/5 http://www.openwall.com/lists/oss-security/2016/05/26/7 http://www.ubuntu.com/usn/USN-3047-1 http://www.ubuntu.com/usn/USN-3047-2 https://bugzilla.redhat.com/show_bug.cgi?id=1339583 https://lists.debian.org/debian-lts-announce/2018/11/msg00038.html https://lists.gnu.org/archive/html/qemu-devel/2016-05/msg04419.html • CWE-908: Use of Uninitialized Resource •

CVSS: 5.5EPSS: 0%CPEs: 38EXPL: 0

The virtqueue_pop function in hw/virtio/virtio.c in QEMU allows local guest OS administrators to cause a denial of service (memory consumption and QEMU process crash) by submitting requests without waiting for completion. La función virtqueue_pop en hw/virtio/virtio.c en QEMU permite a administradores locales del SO invitado provocar una denegación de servicio (consumo de memoria y caida del proceso QUEMU) mediante la presentación de solicitudes sin esperar la finalización. Quick Emulator (QEMU) built with the virtio framework is vulnerable to an unbounded memory allocation issue. It was found that a malicious guest user could submit more requests than the virtqueue size permits. Processing a request allocates a VirtQueueElement results in unbounded memory allocation on the host controlled by the guest. • http://rhn.redhat.com/errata/RHSA-2016-1585.html http://rhn.redhat.com/errata/RHSA-2016-1586.html http://rhn.redhat.com/errata/RHSA-2016-1606.html http://rhn.redhat.com/errata/RHSA-2016-1607.html http://rhn.redhat.com/errata/RHSA-2016-1652.html http://rhn.redhat.com/errata/RHSA-2016-1653.html http://rhn.redhat.com/errata/RHSA-2016-1654.html http://rhn.redhat.com/errata/RHSA-2016-1655.html http://rhn.redhat.com/errata/RHSA-2016-1756.html http://rhn • CWE-400: Uncontrolled Resource Consumption •

CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0

The (1) esp_reg_read and (2) esp_reg_write functions in hw/scsi/esp.c in QEMU allow local guest OS administrators to cause a denial of service (QEMU process crash) or execute arbitrary code on the QEMU host via vectors related to the information transfer buffer. Las funciones (1) esp_reg_read y (2) esp_reg_write en hw/scsi/esp.c en QEMU permite a administradores locales del SO invitado provocar una denegación de servicio (caída del proceso QEMU) o ejecutar código arbitrario en el anfitrión QEMU a través de vectores relacionados con el buffer de transferencia de información. • http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=ff589551c8e8e9e95e211b9d8daafb4ed39f1aec http://www.openwall.com/lists/oss-security/2016/06/07/3 http://www.openwall.com/lists/oss-security/2016/06/08/14 http://www.securityfocus.com/bid/91079 http://www.ubuntu.com/usn/USN-3047-1 http://www.ubuntu.com/usn/USN-3047-2 https://lists.debian.org/debian-lts-announce/2018/11/msg00038.html https://lists.gnu.org/archive/html/qemu-devel/2016-06/msg01507.html https://secur •

CVSS: 4.4EPSS: 0%CPEs: 5EXPL: 0

The get_cmd function in hw/scsi/esp.c in QEMU might allow local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) via vectors related to reading from the information transfer buffer in non-DMA mode. La función get_cmd en hw/scsi/esp.c en QEMU podría permitir a administradores locales del SO invitado provocar una denegación de servicio (escritura fuera de límites y caída del proceso QEMU) a través de vectores relacionados con la lectura del buffer de transferencia de información en modo no DMA. • http://www.openwall.com/lists/oss-security/2016/06/02/2 http://www.openwall.com/lists/oss-security/2016/06/02/9 http://www.securityfocus.com/bid/90995 http://www.ubuntu.com/usn/USN-3047-1 http://www.ubuntu.com/usn/USN-3047-2 https://bugzilla.redhat.com/show_bug.cgi?id=1341931 https://lists.debian.org/debian-lts-announce/2018/11/msg00038.html https://lists.gnu.org/archive/html/qemu-devel/2016-05/msg05691.html https://lists.gnu.org/archive/html/qemu • CWE-787: Out-of-bounds Write •

CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0

The megasas_ctrl_get_info function in hw/scsi/megasas.c in QEMU allows local guest OS administrators to obtain sensitive host memory information via vectors related to reading device control information. La función megasas_ctrl_get_info en hw/scsi/megasas.c en QEMU permite a administradores locales del SO invitado obtener información sensible de la memoria del anfitrión a través de vectores relacionados con la lectura de información de control del dispositivo. • http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=844864fbae66935951529408831c2f22367a57b6 http://www.openwall.com/lists/oss-security/2016/06/08/13 http://www.openwall.com/lists/oss-security/2016/06/08/3 http://www.securityfocus.com/bid/91097 http://www.ubuntu.com/usn/USN-3047-1 http://www.ubuntu.com/usn/USN-3047-2 https://lists.debian.org/debian-lts-announce/2018/11/msg00038.html https://lists.gnu.org/archive/html/qemu-devel/2016-06/msg01969.html https://secur •