Page 55 of 279 results (0.013 seconds)

CVSS: 5.2EPSS: 74%CPEs: 22EXPL: 0

The set_pixel_format function in ui/vnc.c in QEMU allows remote attackers to cause a denial of service (crash) via a small bytes_per_pixel value. La función set_pixel_format en ui/vnc.c en QEMU permite a atacantes remotos causar una denegación de servicio (caída) a través de valores pequeños de bytes_per_pixel. An uninitialized data structure use flaw was found in the way the set_pixel_format() function sanitized the value of bits_per_pixel. An attacker able to access a guest's VNC console could use this flaw to crash the guest. • http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=e6908bfe8e07f2b452e78e677da1b45b1c0f6829 http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00019.html http://rhn.redhat.com/errata/RHSA-2015-0349.html http://rhn.redhat.com/errata/RHSA-2015-0624.html http://secunia.com/advisories/61484 http://secunia.com/advisories/62143 http://secunia.com/advisories/62144 http://support.citrix.com/article/CTX200892 http://www.debian.org/security/2014/dsa-3066 http://www.debian.org/secu • CWE-20: Improper Input Validation •

CVSS: 2.9EPSS: 0%CPEs: 25EXPL: 0

The VGA emulator in QEMU allows local guest users to read host memory by setting the display to a high resolution. El emulador VGA en QEMU permite a usuarios locales invitados leer la memoria del anfitrión mediante la configuración de la pantalla a una resolución alta. An information leak flaw was found in the way QEMU's VGA emulator accessed frame buffer memory for high resolution displays. A privileged guest user could use this flaw to leak memory contents of the host to the guest by setting the display to use a high resolution in the guest. • http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=ab9509cceabef28071e41bdfa073083859c949a7 http://git.qemu.org/?p=qemu.git%3Ba=commitdiff%3Bh=c1b886c45dc70f247300f549dce9833f3fa2def5 http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00014.html http://rhn.redhat.com/errata/RHSA-2014-1669.html http://rhn.redhat.com/errata/RHSA-2014-1670.html http://rhn.redhat.com/errata/RHSA-2014-1941.html http://secunia.com/advisories/61829 http://support.citrix.com/article/CTX200892 http://www.de • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 4.4EPSS: 0%CPEs: 22EXPL: 0

The sosendto function in slirp/udp.c in QEMU before 2.1.2 allows local users to cause a denial of service (NULL pointer dereference) by sending a udp packet with a value of 0 in the source port and address, which triggers access of an uninitialized socket. La función sosendto en slirp/udp.c en QEMU anterior a 2.1.2 permite a usuarios locales causar una denegación de servicio (referencia a puntero nulo) mediante el envió de un paquete udp con un valor de 0 en el pueto y dirección de la fuente, lo que provoca el acceso a un socket no inicializado. A NULL pointer dereference flaw was found in the way QEMU handled UDP packets with a source port and address of 0 when QEMU's user networking was in use. A local guest user could use this flaw to crash the guest. • http://lists.nongnu.org/archive/html/qemu-devel/2014-09/msg03543.html http://lists.nongnu.org/archive/html/qemu-devel/2014-09/msg04598.html http://lists.nongnu.org/archive/html/qemu-devel/2014-09/msg04707.html http://rhn.redhat.com/errata/RHSA-2015-0349.html http://rhn.redhat.com/errata/RHSA-2015-0624.html http://www.debian.org/security/2014/dsa-3044 http://www.debian.org/security/2014/dsa-3045 http://www.ubuntu.com/usn/USN-2409-1 https://bugzilla.redhat. • CWE-476: NULL Pointer Dereference •

CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0

Qemu 1.1.2+dfsg to 2.1+dfsg suffers from a buffer overrun which could potentially result in arbitrary code execution on the host with the privileges of the QEMU process. Qemu versión 1.1.2+dfsg hasta 2.1+dfsg sufre un desbordamiento de búfer que podría resultar en una ejecución de código arbitrario en el host con los privilegios del proceso QEMU. • http://www.ubuntu.com/usn/USN-2342-1 https://access.redhat.com/security/cve/cve-2013-4532 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=739589 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4532 https://bugzilla.suse.com/show_bug.cgi?id=CVE-2013-4532 https://github.com/qemu/qemu/commit/2e1198672759eda6e122ff38fcf6df06f27e0fe2 https://security-tracker.debian.org/tracker/CVE-2013-4532 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 4.9EPSS: 0%CPEs: 33EXPL: 0

hw/net/vmxnet3.c in QEMU 2.0.0-rc0, 1.7.1, and earlier allows local guest users to cause a denial of service or possibly execute arbitrary code via vectors related to (1) RX or (2) TX queue numbers or (3) interrupt indices. NOTE: some of these details are obtained from third party information. hw/net/vmxnet3.c en QEMU 2.0.0-rc0, 1.7.1, y anteriores permite a usuarios locales invitados causar una denegación de servicio o posiblemente ejecutar código arbitrario a través de vectores relacionados con números de cola (1) RX o (2) TX o (3) indices interrupt. NOTA: algunos de estos detalles se obtienen de información de terceras partes. • http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=3c99afc779c2c78718a565ad8c5e98de7c2c7484 http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=8c6c0478996e8f77374e69b6df68655b0b4ba689 http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=9878d173f574df74bde0ff50b2f81009fbee81bb http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=f12d048a523780dbda702027d4a91b62af1a08d7 http://secunia.com/advisories/58191 http://thread.gmane.org/gmane.comp.emulators.qemu/265562 http://ubuntu.com/usn/usn-2182-1 http://www.osvdb.org/106013 https&# • CWE-20: Improper Input Validation •