CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2015-8701
https://notcve.org/view.php?id=CVE-2015-8701
QEMU (aka Quick Emulator) built with the Rocker switch emulation support is vulnerable to an off-by-one error. It happens while processing transmit (tx) descriptors in 'tx_consume' routine, if a descriptor was to have more than allowed (ROCKER_TX_FRAGS_MAX=16) fragments. A privileged user inside guest could use this flaw to cause memory leakage on the host or crash the QEMU process instance resulting in DoS issue. QEMU (también conocido como Quick Emulator) construido con el soporte de emulación switch Rocker es vulnerable a un error off-by-one. Sucede mientras se procesan los descriptores de transmisión (tx) en rutina 'tx_consume', si un descriptor debía tener más fragmentos (ROCKER_TX_FRAGS_MAX=16) de los permitidos. • http://www.openwall.com/lists/oss-security/2015/12/28/6 http://www.openwall.com/lists/oss-security/2015/12/29/1 http://www.securityfocus.com/bid/79706 https://bugzilla.redhat.com/show_bug.cgi?id=1286971 https://lists.gnu.org/archive/html/qemu-devel/2015-12/msg04629.html https://security.gentoo.org/glsa/201602-01 • CWE-193: Off-by-one Error •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2015-8745
https://notcve.org/view.php?id=CVE-2015-8745
QEMU (aka Quick Emulator) built with a VMWARE VMXNET3 paravirtual NIC emulator support is vulnerable to crash issue. It could occur while reading Interrupt Mask Registers (IMR). A privileged (CAP_SYS_RAWIO) guest user could use this flaw to crash the QEMU process instance resulting in DoS. QEMU (también conocido como Quick Emulator) construido con un soporte de emulador VMWARE VMXNET3 paravirtual NIC es vulnerable a un problema de caída. Podría ocurrir mientras lee Interrupt Mask Registers (IMR). • http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=c6048f849c7e3f009786df76206e895 http://www.debian.org/security/2016/dsa-3471 http://www.openwall.com/lists/oss-security/2016/01/04/4 http://www.openwall.com/lists/oss-security/2016/01/04/7 http://www.securityfocus.com/bid/79822 http://www.securitytracker.com/id/1034575 https://bugzilla.redhat.com/show_bug.cgi?id=1270876 https://security.gentoo.org/glsa/201602-01 • CWE-617: Reachable Assertion •
CVSS: 7.1EPSS: 0%CPEs: 3EXPL: 0CVE-2015-8743
https://notcve.org/view.php?id=CVE-2015-8743
QEMU (aka Quick Emulator) built with the NE2000 device emulation support is vulnerable to an OOB r/w access issue. It could occur while performing 'ioport' r/w operations. A privileged (CAP_SYS_RAWIO) user/process could use this flaw to leak or corrupt QEMU memory bytes. QEMU (también conocido como Quick Emulator) construido con el soporte de emulación de dispositivo NE2000 es vulnerable a un problema de acceso OOB r/w. Podría ocurrir mientras se realizan operaciones 'ioport' r/w. • http://www.debian.org/security/2016/dsa-3469 http://www.debian.org/security/2016/dsa-3470 http://www.debian.org/security/2016/dsa-3471 http://www.openwall.com/lists/oss-security/2016/01/04/1 http://www.openwall.com/lists/oss-security/2016/01/04/2 http://www.securityfocus.com/bid/79820 http://www.securitytracker.com/id/1034574 https://bugzilla.redhat.com/show_bug.cgi?id=1264929 https://lists.gnu.org/archive/html/qemu-devel/2016-01/msg00050.html https:/ • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2016-2198
https://notcve.org/view.php?id=CVE-2016-2198
QEMU (aka Quick Emulator) built with the USB EHCI emulation support is vulnerable to a null pointer dereference flaw. It could occur when an application attempts to write to EHCI capabilities registers. A privileged user inside quest could use this flaw to crash the QEMU process instance resulting in DoS. QEMU (también conocido como Quick Emulator) construido con el soporte de emulación USB EHCI es vulnerable a una falla de referencia de puntero null. Podría ocurrir cuando una aplicación trata de escribir en los registros de capacidades EHCI. • http://www.openwall.com/lists/oss-security/2016/01/29/6 http://www.openwall.com/lists/oss-security/2016/01/30/2 https://bugzilla.redhat.com/show_bug.cgi?id=1301643 https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html https://lists.gnu.org/archive/html/qemu-devel/2016-01/msg05899.html https://security.gentoo.org/glsa/201604-01 • CWE-476: NULL Pointer Dereference •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2015-8568
https://notcve.org/view.php?id=CVE-2015-8568
Memory leak in QEMU, when built with a VMWARE VMXNET3 paravirtual NIC emulator support, allows local guest users to cause a denial of service (host memory consumption) by trying to activate the vmxnet3 device repeatedly. La pérdida de memoria en QEMU, cuando se construye con un VMWARE VMXNET3 paravirtual NIC emulador de soporte, permite a los usuarios locales invitados a provocar una denegación de servicio (consumo de memoria del host) al intentar activar el dispositivo vmxnet3 repetidamente. • http://www.debian.org/security/2016/dsa-3471 http://www.openwall.com/lists/oss-security/2015/12/15/10 http://www.securityfocus.com/bid/79721 https://bugzilla.redhat.com/show_bug.cgi?id=1289816 https://lists.gnu.org/archive/html/qemu-devel/2015-12/msg02299.html https://security.gentoo.org/glsa/201602-01 • CWE-772: Missing Release of Resource after Effective Lifetime •