Page 7 of 111 results (0.004 seconds)

CVSS: 7.5EPSS: 5%CPEs: 25EXPL: 0

26 Jul 2017 — qemu-nbd in QEMU (aka Quick Emulator) does not ignore SIGPIPE, which allows remote attackers to cause a denial of service (daemon crash) by disconnecting during a server-to-client reply attempt. qemu-nbd en QEMU (Quick Emulator) no ignora la señal SIGPIPE, lo que permite a atacantes remotos provocar una denegación de servicio desconectando el proceso durante un intento de respuesta de servidor a cliente. Quick Emulator (QEMU) built with the Network Block Device (NBD) Server support is vulnerable to a crash ... • http://www.debian.org/security/2017/dsa-3920 • CWE-248: Uncaught Exception •

CVSS: 7.0EPSS: 0%CPEs: 9EXPL: 0

19 Jun 2017 — libffi requests an executable stack allowing attackers to more easily trigger arbitrary code execution by overwriting the stack. Please note that libffi is used by a number of other libraries. It was previously stated that this affects libffi version 3.2.1 but this appears to be incorrect. libffi prior to version 3.1 on 32 bit x86 systems was vulnerable, and upstream is believed to have fixed this issue in version 3.1. libffi solicita una pila ejecutable que permite que los atacantes desencadenen con más fa... • http://www.debian.org/security/2017/dsa-3889 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.8EPSS: 5%CPEs: 12EXPL: 0

23 May 2017 — In Open vSwitch (OvS) 2.7.0, while parsing an OFPT_QUEUE_GET_CONFIG_REPLY type OFP 1.0 message, there is a buffer over-read that is caused by an unsigned integer underflow in the function `ofputil_pull_queue_get_config_reply10` in `lib/ofp-util.c`. En Open vSwitch (OvS) versión 2.7.0, mientras analiza un mensaje OFPT_QUEUE_GET_CONFIG_REPLY tipo OFP versión 1.0, se presenta una lectura excesiva búfer causada por un desbordamiento de enteros sin signo en la función “ofputil_pull_queue_get_config_reply10” en l... • https://access.redhat.com/errata/RHSA-2017:2418 • CWE-190: Integer Overflow or Wraparound CWE-191: Integer Underflow (Wrap or Wraparound) •

CVSS: 7.8EPSS: 0%CPEs: 31EXPL: 0

02 May 2017 — Heap-based buffer overflow in Cirrus CLGD 54xx VGA Emulator in Quick Emulator (Qemu) 2.8 and earlier allows local guest OS users to execute arbitrary code or cause a denial of service (crash) via vectors related to a VNC client updating its display after a VGA operation. Desbordamiento de búfer basado en memoria dinámica (heap) en Cirrus CLGD 54xx VGA Emulator en Quick Emulator (Qemu) en versiones 2.8 y anteriores permite que los usuarios invitados del sistema operativo ejecuten código arbitrario o provoque... • http://ubuntu.com/usn/usn-3289-1 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •

CVSS: 5.5EPSS: 0%CPEs: 10EXPL: 0

27 Mar 2017 — The xhci_kick_epctx function in hw/usb/hcd-xhci.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (infinite loop and QEMU process crash) via vectors related to control transfer descriptor sequence. La función xhci_kick_epctx en hw/usb/hcd-xhci.c en QEMU (también conocido como Quick Emulator) permite a usuarios locales privilegiados del SO invitado provocar una denegación de servicio (bucle infinito y caída del proceso QEMU) a través de vectores relacionados c... • http://git.qemu-project.org/?p=qemu.git%3Ba=commit%3Bh=f89b60f6e5fee3923bedf80e82b4e5efc1bb156b • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •

CVSS: 6.5EPSS: 0%CPEs: 10EXPL: 0

23 Dec 2016 — Quick Emulator (Qemu) built with the USB redirector usb-guest support is vulnerable to a memory leakage flaw. It could occur while destroying the USB redirector in 'usbredir_handle_destroy'. A guest user/process could use this issue to leak host memory, resulting in DoS for a host. Quick Emulator (Qemu) construido con el soporte del USB redirector usb-guest es vulnerable a una falla de fuga de memoria. Podría ocurrir mientras se destruye el redirector USB en 'usbredir_handle_destroy'. • http://www.openwall.com/lists/oss-security/2016/12/08/3 • CWE-244: Improper Clearing of Heap Memory Before Release ('Heap Inspection') CWE-772: Missing Release of Resource after Effective Lifetime •

CVSS: 6.5EPSS: 0%CPEs: 10EXPL: 0

23 Dec 2016 — Quick Emulator (Qemu) built with the USB EHCI Emulation support is vulnerable to a memory leakage issue. It could occur while processing packet data in 'ehci_init_transfer'. A guest user/process could use this issue to leak host memory, resulting in DoS for a host. Quick Emulator (Qemu) construido con el soporte USB EHCI Emulation es vulnerable a un problema de fuga de memoria. Podría ocurrir mientras se procesan paquetes de datos en 'ehci_init_transfer'. • http://www.openwall.com/lists/oss-security/2016/12/08/5 • CWE-244: Improper Clearing of Heap Memory Before Release ('Heap Inspection') CWE-772: Missing Release of Resource after Effective Lifetime •

CVSS: 6.5EPSS: 0%CPEs: 13EXPL: 0

23 Dec 2016 — Quick emulator (Qemu) built with the Cirrus CLGD 54xx VGA Emulator support is vulnerable to a divide by zero issue. It could occur while copying VGA data when cirrus graphics mode was set to be VGA. A privileged user inside guest could use this flaw to crash the Qemu process instance on the host, resulting in DoS. Quick emulator (Qemu) construido con el soporte Cirrus CLGD 54xx VGA Emulator es vulnerable a un problema de división por cero. Podría ocurrir mientras se copian datos VGA cuando el modo de gráfic... • http://www.openwall.com/lists/oss-security/2016/12/09/1 • CWE-369: Divide By Zero •

CVSS: 6.0EPSS: 0%CPEs: 10EXPL: 0

10 Nov 2016 — Memory leak in the usb_xhci_exit function in hw/usb/hcd-xhci.c in QEMU (aka Quick Emulator), when the xhci uses msix, allows local guest OS administrators to cause a denial of service (memory consumption and possibly QEMU process crash) by repeatedly unplugging a USB device. Fuga de memoria en la función usb_xhci_exit en hw/usb/hcd-xhci.c en QEMU (también conocido como Quick Emulator), cuando el xhci utiliza msix, permite a administradores locales del SO invitado provocar una denegación de servicio (consumo... • http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=b53dd4495ced2432a0b652ea895e651d07336f7e • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-772: Missing Release of Resource after Effective Lifetime •

CVSS: 6.0EPSS: 0%CPEs: 11EXPL: 0

04 Nov 2016 — The serial_update_parameters function in hw/char/serial.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (divide-by-zero error and QEMU process crash) via vectors involving a value of divider greater than baud base. La función serial_update_parameters en hw/char/serial.c en QEMU (también conocido como Quick Emulator) permite a administradores locales del SO invitado provocar una denegación de servicio (error de división por cero y caída del proceso QEMU) a tra... • http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=3592fe0c919cf27a81d8e9f9b4f269553418bb01 • CWE-369: Divide By Zero •