Page 56 of 289 results (0.012 seconds)

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

CVE-2016-2197

https://notcve.org/view.php?id=CVE-2016-2197

QEMU (aka Quick Emulator) built with an IDE AHCI emulation support is vulnerable to a null pointer dereference flaw. It occurs while unmapping the Frame Information Structure (FIS) and Command List Block (CLB) entries. A privileged user inside guest could use this flaw to crash the QEMU process instance resulting in DoS. QEMU (también conocido como Quick Emulator) construido con un soporte de emulación IDE AHCI es vulnerable a una falla de referencia de puntero null. Ocurre mientras se desprograman las entradas Frame Information Structure (FIS) y Command List Block (CLB). • http://www.openwall.com/lists/oss-security/2016/01/29/2 http://www.openwall.com/lists/oss-security/2016/01/30/1 http://www.securityfocus.com/bid/82235 https://bugzilla.redhat.com/show_bug.cgi?id=1302057 https://lists.gnu.org/archive/html/qemu-devel/2016-01/msg05742.html https://security.gentoo.org/glsa/201604-01 • CWE-476: NULL Pointer Dereference •

CVSS: 8.8EPSS: 0%CPEs: 8EXPL: 0

CVE-2016-1568 – Qemu: ide: ahci use-after-free vulnerability in aio port commands

https://notcve.org/view.php?id=CVE-2016-1568

Use-after-free vulnerability in hw/ide/ahci.c in QEMU, when built with IDE AHCI Emulation support, allows guest OS users to cause a denial of service (instance crash) or possibly execute arbitrary code via an invalid AHCI Native Command Queuing (NCQ) AIO command. Vulnerabilidad de uso después de liberación de memoria en hw/ide/ahci.c en QEMU, cuando se construye con soporte de emulación IDE AHCI, permite a usuarios del SO invitado causar una denegación de servicio (caída de instancia) o posiblemente ejecutar código arbitrario a través de un comando AHCI Native Command Queuing (NCQ) AIO no válido. A use-after-free flaw was found in the way QEMU's IDE AHCI emulator processed certain AHCI Native Command Queuing (NCQ) AIO commands. A privileged guest user could use this flaw to crash the QEMU process instance or, potentially, execute arbitrary code on the host with privileges of the QEMU process. • http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=4ab0359a8ae182a7ac5c99609667273167703fab http://rhn.redhat.com/errata/RHSA-2016-0084.html http://rhn.redhat.com/errata/RHSA-2016-0086.html http://rhn.redhat.com/errata/RHSA-2016-0087.html http://rhn.redhat.com/errata/RHSA-2016-0088.html http://www.debian.org/security/2016/dsa-3469 http://www.debian.org/security/2016/dsa-3470 http://www.debian.org/security/2016/dsa-3471 http://www.openwall.com/lists/oss-security/2016/0 • CWE-416: Use After Free •

CVSS: 10.0EPSS: 1%CPEs: 1EXPL: 3

CVE-2015-8556 – QEMU (Gentoo) - Local Privilege Escalation

https://notcve.org/view.php?id=CVE-2015-8556

Local privilege escalation vulnerability in the Gentoo QEMU package before 2.5.0-r1. Vulnerabilidad de escalada de privilegios locales en el paquete Gentoo QEMU en versiones anteriores a 2.5.0-r1. • https://www.exploit-db.com/exploits/39010 http://packetstormsecurity.com/files/134948/Gentoo-QEMU-Local-Privilege-Escalation.html https://security.gentoo.org/glsa/201602-01 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •

CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 0

CVE-2015-8345

https://notcve.org/view.php?id=CVE-2015-8345

The eepro100 emulator in QEMU qemu-kvm blank allows local guest users to cause a denial of service (application crash and infinite loop) via vectors involving the command block list. El emulador de eepro100 en qemu-kvm de QEMU permite a los usuarios huéspedes locales provocar una denegación de servicio (fallo de la aplicación y bucle infinito) a través de vectores que implican la lista de bloqueo de comandos. • http://www.debian.org/security/2016/dsa-3469 http://www.debian.org/security/2016/dsa-3470 http://www.debian.org/security/2016/dsa-3471 http://www.openwall.com/lists/oss-security/2015/11/25/11 http://www.securityfocus.com/bid/77985 https://lists.gnu.org/archive/html/qemu-devel/2015-10/msg03911.html https://security.gentoo.org/glsa/201602-01 • CWE-399: Resource Management Errors •

CVSS: 8.8EPSS: 0%CPEs: 7EXPL: 0

CVE-2015-7504 – Qemu: net: pcnet: heap overflow vulnerability in pcnet_receive

https://notcve.org/view.php?id=CVE-2015-7504

Heap-based buffer overflow in the pcnet_receive function in hw/net/pcnet.c in QEMU allows guest OS administrators to cause a denial of service (instance crash) or possibly execute arbitrary code via a series of packets in loopback mode. Desbordamiento de búfer basado en memoria dinámica (heap) en la función pcnet_receive en hw/net/pcnet.c en QEMU permite que administradores del sistema operativo invitados provoquen una denegación de servicio (cierre inesperado de la instancia) o que puedan ejecutar código arbitrario mediante una serie de paquetes en modo de bucle invertido. A heap-based buffer overflow flaw was discovered in the way QEMU's AMD PC-Net II Ethernet Controller emulation received certain packets in loopback mode. A privileged user (with the CAP_SYS_RAWIO capability) inside a guest could use this flaw to crash the host QEMU process (resulting in denial of service) or, potentially, execute arbitrary code with privileges of the host QEMU process. • http://rhn.redhat.com/errata/RHSA-2015-2694.html http://rhn.redhat.com/errata/RHSA-2015-2695.html http://rhn.redhat.com/errata/RHSA-2015-2696.html http://www.debian.org/security/2016/dsa-3469 http://www.debian.org/security/2016/dsa-3470 http://www.debian.org/security/2016/dsa-3471 http://www.openwall.com/lists/oss-security/2015/11/30/2 http://www.securityfocus.com/bid/78227 http://www.securitytracker.com/id/1034268 http://xenbits.xen.org/xsa/advisory • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •