ALT-PU-2017-1421-1
Closed vulnerabilities
BDU:2017-00646
Vulnerability in the QEMU hardware emulator that allows an attacker to cause a denial of service
BDU:2017-00647
Vulnerability in the QEMU hardware emulator that allows an attacker to cause a denial of service
BDU:2017-00648
Vulnerability in the QEMU hardware emulator that allows an attacker to cause a denial of service
BDU:2017-00649
Vulnerability in the QEMU hardware emulator that allows an attacker to cause a denial of service
BDU:2017-00650
Vulnerability in the QEMU hardware emulator that allows an attacker to cause a denial of service
BDU:2017-00651
Vulnerability in the QEMU hardware emulator that allows an attacker to cause a denial of service
BDU:2017-00652
Vulnerability in the QEMU hardware emulator that allows an attacker to cause a denial of service
BDU:2017-00653
Vulnerability in the QEMU hardware emulator that allows an attacker to cause a denial of service
BDU:2017-00654
Vulnerability in the QEMU hardware emulator that allows an attacker to cause a denial of service or execute arbitrary code
BDU:2017-00773
Vulnerability in the QEMU hardware emulator that allows an attacker to cause a denial of service
Modified: 2024-11-21
CVE-2017-5525
Memory leak in hw/audio/ac97.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption and QEMU process crash) via a large number of device unplug operations.
- http://git.qemu-project.org/?p=qemu.git%3Ba=commit%3Bh=12351a91da97b414eec8cdb09f1d9f41e535a401
- [oss-security] 20170118 CVE request Qemu: audio: memory leakage in ac97 device
- [oss-security] 20170118 Re: CVE request Qemu: audio: memory leakage in ac97 device
- 95671
- [debian-lts-announce] 20180906 [SECURITY] [DLA 1497-1] qemu security update
- GLSA-201702-28
Modified: 2024-11-21
CVE-2017-5526
Memory leak in hw/audio/es1370.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption and QEMU process crash) via a large number of device unplug operations.
- http://git.qemu-project.org/?p=qemu.git%3Ba=commit%3Bh=069eb7b2b8fc47c7cb52e5a4af23ea98d939e3da
- [oss-security] 20170118 CVE request Qemu: audio: memory leakage in es1370 device
- [oss-security] 20170118 Re: CVE request Qemu: audio: memory leakage in es1370 device
- 95669
- [debian-lts-announce] 20180906 [SECURITY] [DLA 1497-1] qemu security update
Modified: 2024-11-21
CVE-2017-5552
Memory leak in the virgl_resource_attach_backing function in hw/display/virtio-gpu-3d.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (host memory consumption) via a large number of VIRTIO_GPU_CMD_RESOURCE_ATTACH_BACKING commands.
- http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=33243031dad02d161225ba99d782616da133f689
- [oss-security] 20170120 CVE request Qemu: display: virtio-gpu-3d: memory leakage in virgl_resource_attach_backing
- [oss-security] 20170120 Re: CVE request Qemu: display: virtio-gpu-3d: memory leakage in virgl_resource_attach_backing
- 95773
- GLSA-201702-28
Modified: 2024-11-21
CVE-2017-5578
Memory leak in the virtio_gpu_resource_attach_backing function in hw/display/virtio-gpu.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (host memory consumption) via a large number of VIRTIO_GPU_CMD_RESOURCE_ATTACH_BACKING commands.
- http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=204f01b30975923c64006f8067f0937b91eea68b
- [oss-security] 20170123 CVE request Qemu: display: virtio-gpu: host memory leakage in virtio_gpu_resource_attach_backing
- [oss-security] 20170125 Re: CVE request Qemu: display: virtio-gpu: host memory leakage in virtio_gpu_resource_attach_backing
- 95781
- GLSA-201702-28
Modified: 2024-11-21
CVE-2017-5579
Memory leak in the serial_exit_core function in hw/char/serial.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption and QEMU process crash) via a large number of device unplug operations.
- http://git.qemu-project.org/?p=qemu.git%3Ba=commit%3Bh=8409dc884a201bf74b30a9d232b6bbdd00cb7e2b
- [oss-security] 20170124 CVE request Qemu: serial: host memory leakage in 16550A UART emulation
- [oss-security] 20170125 Re: CVE request Qemu: serial: host memory leakage in 16550A UART emulation
- 95780
- RHSA-2017:2392
- RHSA-2017:2408
- [debian-lts-announce] 20180906 [SECURITY] [DLA 1497-1] qemu security update
- GLSA-201702-28
Modified: 2024-11-21
CVE-2017-5667
The sdhci_sdma_transfer_multi_blocks function in hw/sd/sdhci.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (out-of-bounds heap access and crash) or execute arbitrary code on the QEMU host via vectors involving the data transfer length.
- http://git.qemu-project.org/?p=qemu.git%3Ba=commitdiff%3Bh=42922105beb14c2fc58185ea022b9f72fb5465e9
- [oss-security] 20170130 CVE request Qemu: sd: sdhci OOB access during multi block SDMA transfer
- [oss-security] 20170131 Re: CVE request Qemu: sd: sdhci OOB access during multi block SDMA transfer
- [oss-security] 20170212 Re: Re: CVE request Qemu: sd: sdhci OOB access during multi block SDMA transfer
- 95885
- https://bugzilla.redhat.com/show_bug.cgi?id=1417559
- [debian-lts-announce] 20180906 [SECURITY] [DLA 1497-1] qemu security update
- GLSA-201702-28
Modified: 2024-11-21
CVE-2017-5856
Memory leak in the megasas_handle_dcmd function in hw/scsi/megasas.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption) via MegaRAID Firmware Interface (MFI) commands with the sglist size set to a value over 2 Gb.
- http://git.qemu-project.org/?p=qemu.git%3Ba=commit%3Bh=765a707000e838c30b18d712fe6cb3dd8e0435f3
- [oss-security] 20170201 CVE request Qemu: scsi: megasas: host memory leakage in megasas_handle_dcmd
- [oss-security] 20170202 Re: CVE request Qemu: scsi: megasas: host memory leakage in megasas_handle_dcmd
- 95999
- https://bugzilla.redhat.com/show_bug.cgi?id=1418342
- [debian-lts-announce] 20180906 [SECURITY] [DLA 1497-1] qemu security update
- GLSA-201702-28
Modified: 2024-11-21
CVE-2017-5857
Memory leak in the virgl_cmd_resource_unref function in hw/display/virtio-gpu-3d.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (host memory consumption) via a large number of VIRTIO_GPU_CMD_RESOURCE_UNREF commands sent without detaching the backing storage beforehand.
- http://git.qemu-project.org/?p=qemu.git%3Ba=commit%3Bh=5e8e3c4c75c199aa1017db816fca02be2a9f8798
- [oss-security] 20170201 CVE request Qemu: display: virtio-gpu-3d: host memory leakage in virgl_cmd_resource_unref
- [oss-security] 20170202 Re: CVE request Qemu: display: virtio-gpu-3d: host memory leakage in virgl_cmd_resource_unref
- 95993
- https://bugzilla.redhat.com/show_bug.cgi?id=1418382
- GLSA-201702-28
Modified: 2024-11-21
CVE-2017-5898
Integer overflow in the emulated_apdu_from_guest function in usb/dev-smartcard-reader.c in Quick Emulator (Qemu), when built with the CCID Card device emulator support, allows local users to cause a denial of service (application crash) via a large Application Protocol Data Units (APDU) unit.
- http://git.qemu-project.org/?p=qemu.git%3Ba=commit%3Bh=c7dfbf322595ded4e70b626bf83158a9f3807c6a
- SUSE-SU-2017:0570
- SUSE-SU-2017:0582
- [oss-security] 20170207 Re: CVE request Qemu: usb: integer overflow in emulated_apdu_from_guest
- 96112
- RHSA-2017:1856
- RHSA-2017:2392
- https://bugzilla.redhat.com/show_bug.cgi?id=1419699
- GLSA-201702-28
Modified: 2024-11-21
CVE-2017-5973
The xhci_kick_epctx function in hw/usb/hcd-xhci.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (infinite loop and QEMU process crash) via vectors related to control transfer descriptor sequence.
- http://git.qemu-project.org/?p=qemu.git%3Ba=commit%3Bh=f89b60f6e5fee3923bedf80e82b4e5efc1bb156b
- [oss-security] 20170214 CVE-2017-5973 Qemu: usb: infinite loop while doing control transfer in xhci_kick_epctx
- 96220
- RHSA-2017:2392
- RHSA-2017:2408
- https://bugzilla.redhat.com/show_bug.cgi?id=1421626
- [debian-lts-announce] 20180906 [SECURITY] [DLA 1497-1] qemu security update
- [qemu-devel] 20170206 [PATCH] xhci: apply limits to loops
- GLSA-201704-01
Modified: 2024-11-21
CVE-2017-5987
The sdhci_sdma_transfer_multi_blocks function in hw/sd/sdhci.c in QEMU (aka Quick Emulator) allows local OS guest privileged users to cause a denial of service (infinite loop and QEMU process crash) via vectors involving the transfer mode register during multi block transfer.
- http://git.qemu-project.org/?p=qemu.git%3Ba=commit%3Bh=6e86d90352adf6cb08295255220295cf23c4286e
- [oss-security] 20170214 CVE-2017-5987 Qemu: sd: infinite loop issue in multi block transfers
- 96263
- https://bugzilla.redhat.com/show_bug.cgi?id=1421995
- [debian-lts-announce] 20180906 [SECURITY] [DLA 1497-1] qemu security update
- [qemu-devel] 20170213 Re: [Qemu-devel] [PATCH v3 1/4] sd: sdhci: check transfer mode register in multi block transfer
- GLSA-201704-01
Modified: 2024-11-21
CVE-2017-6505
The ohci_service_ed_list function in hw/usb/hcd-ohci.c in QEMU (aka Quick Emulator) before 2.9.0 allows local guest OS users to cause a denial of service (infinite loop) via vectors involving the number of link endpoint list descriptors, a different vulnerability than CVE-2017-9330.
- http://git.qemu-project.org/?p=qemu.git%3Ba=commitdiff%3Bh=95ed56939eb2eaa4e2f349fe6dcd13ca4edfd8fb
- [oss-security] 20170306 CVE-2017-6505 Qemu: usb: an infinite loop issue in ohci_service_ed_list
- 96611
- https://bugzilla.redhat.com/show_bug.cgi?id=1429432
- [debian-lts-announce] 20180906 [SECURITY] [DLA 1497-1] qemu security update
- GLSA-201704-01