Page 43 of 317 results (0.010 seconds)

CVSS: 5.5EPSS: 0%CPEs: 38EXPL: 0

The virtqueue_pop function in hw/virtio/virtio.c in QEMU allows local guest OS administrators to cause a denial of service (memory consumption and QEMU process crash) by submitting requests without waiting for completion. La función virtqueue_pop en hw/virtio/virtio.c en QEMU permite a administradores locales del SO invitado provocar una denegación de servicio (consumo de memoria y caida del proceso QUEMU) mediante la presentación de solicitudes sin esperar la finalización. Quick Emulator (QEMU) built with the virtio framework is vulnerable to an unbounded memory allocation issue. It was found that a malicious guest user could submit more requests than the virtqueue size permits. Processing a request allocates a VirtQueueElement results in unbounded memory allocation on the host controlled by the guest. • http://rhn.redhat.com/errata/RHSA-2016-1585.html http://rhn.redhat.com/errata/RHSA-2016-1586.html http://rhn.redhat.com/errata/RHSA-2016-1606.html http://rhn.redhat.com/errata/RHSA-2016-1607.html http://rhn.redhat.com/errata/RHSA-2016-1652.html http://rhn.redhat.com/errata/RHSA-2016-1653.html http://rhn.redhat.com/errata/RHSA-2016-1654.html http://rhn.redhat.com/errata/RHSA-2016-1655.html http://rhn.redhat.com/errata/RHSA-2016-1756.html http://rhn • CWE-400: Uncontrolled Resource Consumption •

CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0

The (1) esp_reg_read and (2) esp_reg_write functions in hw/scsi/esp.c in QEMU allow local guest OS administrators to cause a denial of service (QEMU process crash) or execute arbitrary code on the QEMU host via vectors related to the information transfer buffer. Las funciones (1) esp_reg_read y (2) esp_reg_write en hw/scsi/esp.c en QEMU permite a administradores locales del SO invitado provocar una denegación de servicio (caída del proceso QEMU) o ejecutar código arbitrario en el anfitrión QEMU a través de vectores relacionados con el buffer de transferencia de información. • http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=ff589551c8e8e9e95e211b9d8daafb4ed39f1aec http://www.openwall.com/lists/oss-security/2016/06/07/3 http://www.openwall.com/lists/oss-security/2016/06/08/14 http://www.securityfocus.com/bid/91079 http://www.ubuntu.com/usn/USN-3047-1 http://www.ubuntu.com/usn/USN-3047-2 https://lists.debian.org/debian-lts-announce/2018/11/msg00038.html https://lists.gnu.org/archive/html/qemu-devel/2016-06/msg01507.html https://secur •

CVSS: 4.4EPSS: 0%CPEs: 5EXPL: 0

The get_cmd function in hw/scsi/esp.c in QEMU might allow local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) via vectors related to reading from the information transfer buffer in non-DMA mode. La función get_cmd en hw/scsi/esp.c en QEMU podría permitir a administradores locales del SO invitado provocar una denegación de servicio (escritura fuera de límites y caída del proceso QEMU) a través de vectores relacionados con la lectura del buffer de transferencia de información en modo no DMA. • http://www.openwall.com/lists/oss-security/2016/06/02/2 http://www.openwall.com/lists/oss-security/2016/06/02/9 http://www.securityfocus.com/bid/90995 http://www.ubuntu.com/usn/USN-3047-1 http://www.ubuntu.com/usn/USN-3047-2 https://bugzilla.redhat.com/show_bug.cgi?id=1341931 https://lists.debian.org/debian-lts-announce/2018/11/msg00038.html https://lists.gnu.org/archive/html/qemu-devel/2016-05/msg05691.html https://lists.gnu.org/archive/html/qemu • CWE-787: Out-of-bounds Write •

CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0

The megasas_ctrl_get_info function in hw/scsi/megasas.c in QEMU allows local guest OS administrators to obtain sensitive host memory information via vectors related to reading device control information. La función megasas_ctrl_get_info en hw/scsi/megasas.c en QEMU permite a administradores locales del SO invitado obtener información sensible de la memoria del anfitrión a través de vectores relacionados con la lectura de información de control del dispositivo. • http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=844864fbae66935951529408831c2f22367a57b6 http://www.openwall.com/lists/oss-security/2016/06/08/13 http://www.openwall.com/lists/oss-security/2016/06/08/3 http://www.securityfocus.com/bid/91097 http://www.ubuntu.com/usn/USN-3047-1 http://www.ubuntu.com/usn/USN-3047-2 https://lists.debian.org/debian-lts-announce/2018/11/msg00038.html https://lists.gnu.org/archive/html/qemu-devel/2016-06/msg01969.html https://secur •

CVSS: 6.0EPSS: 0%CPEs: 5EXPL: 0

The vmsvga_fifo_read_raw function in hw/display/vmware_vga.c in QEMU allows local guest OS administrators to obtain sensitive host memory information or cause a denial of service (QEMU process crash) by changing FIFO registers and issuing a VGA command, which triggers an out-of-bounds read. La función vmsvga_fifo_read_raw en hw/display/vmware_vga.c en QEMU permite a administradores locales del SO invitado obtener información sensible de la memoria del anfitrión o provocar una denegación de servicio (caída del proceso QEMU) cambiando registros FIFO y emitiendo un comando VGA, lo que desencadena una lectura fuera de rango. • http://www.openwall.com/lists/oss-security/2016/05/30/3 http://www.securityfocus.com/bid/90927 http://www.ubuntu.com/usn/USN-3047-1 http://www.ubuntu.com/usn/USN-3047-2 https://bugzilla.redhat.com/show_bug.cgi?id=1336429 https://lists.debian.org/debian-lts-announce/2018/11/msg00038.html https://lists.gnu.org/archive/html/qemu-devel/2016-05/msg05271.html https://security.gentoo.org/glsa/201609-01 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •