ALT-PU-2017-2202-1
Closed vulnerabilities
Modified: 2021-03-23
BDU:2017-01782
Уязвимость компонента audio.c эмулятора аппаратного обеспечения QEMU, позволяющая нарушителю вызвать отказ в обслуживании
Modified: 2023-11-21
BDU:2021-01313
Уязвимость эмулятора аппаратного обеспечения QEMU, связанная с разыменованием нулевого указателя, позволяющая нарушителю вызвать отказ в обслуживании
Modified: 2021-08-17
BDU:2021-03352
Уязвимость функции disas_insn компонента target/i386/translate.c эмулятора аппаратного обеспечения QEMU, связанная с недостатком механизма управления генерацией кода, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
Modified: 2025-04-20
CVE-2015-8345
The eepro100 emulator in QEMU qemu-kvm blank allows local guest users to cause a denial of service (application crash and infinite loop) via vectors involving the command block list.
- http://www.debian.org/security/2016/dsa-3469
- http://www.debian.org/security/2016/dsa-3470
- http://www.debian.org/security/2016/dsa-3471
- http://www.openwall.com/lists/oss-security/2015/11/25/11
- http://www.securityfocus.com/bid/77985
- https://lists.gnu.org/archive/html/qemu-devel/2015-10/msg03911.html
- https://security.gentoo.org/glsa/201602-01
- http://www.debian.org/security/2016/dsa-3469
- http://www.debian.org/security/2016/dsa-3470
- http://www.debian.org/security/2016/dsa-3471
- http://www.openwall.com/lists/oss-security/2015/11/25/11
- http://www.securityfocus.com/bid/77985
- https://lists.gnu.org/archive/html/qemu-devel/2015-10/msg03911.html
- https://security.gentoo.org/glsa/201602-01
Modified: 2025-04-20
CVE-2017-7718
hw/display/cirrus_vga_rop.h in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (out-of-bounds read and QEMU process crash) via vectors related to copying VGA data via the cirrus_bitblt_rop_fwd_transp_ and cirrus_bitblt_rop_fwd_ functions.
- http://git.qemu-project.org/?p=qemu.git%3Ba=commit%3Bh=215902d7b6fb50c6fc216fc74f770858278ed904
- http://www.openwall.com/lists/oss-security/2017/04/19/4
- http://www.securityfocus.com/bid/97957
- https://access.redhat.com/errata/RHSA-2017:0980
- https://access.redhat.com/errata/RHSA-2017:0981
- https://access.redhat.com/errata/RHSA-2017:0982
- https://access.redhat.com/errata/RHSA-2017:0983
- https://access.redhat.com/errata/RHSA-2017:0984
- https://access.redhat.com/errata/RHSA-2017:0988
- https://access.redhat.com/errata/RHSA-2017:1205
- https://access.redhat.com/errata/RHSA-2017:1206
- https://access.redhat.com/errata/RHSA-2017:1430
- https://access.redhat.com/errata/RHSA-2017:1431
- https://access.redhat.com/errata/RHSA-2017:1441
- https://bugzilla.redhat.com/show_bug.cgi?id=1443441
- https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html
- https://security.gentoo.org/glsa/201706-03
- http://git.qemu-project.org/?p=qemu.git%3Ba=commit%3Bh=215902d7b6fb50c6fc216fc74f770858278ed904
- http://www.openwall.com/lists/oss-security/2017/04/19/4
- http://www.securityfocus.com/bid/97957
- https://access.redhat.com/errata/RHSA-2017:0980
- https://access.redhat.com/errata/RHSA-2017:0981
- https://access.redhat.com/errata/RHSA-2017:0982
- https://access.redhat.com/errata/RHSA-2017:0983
- https://access.redhat.com/errata/RHSA-2017:0984
- https://access.redhat.com/errata/RHSA-2017:0988
- https://access.redhat.com/errata/RHSA-2017:1205
- https://access.redhat.com/errata/RHSA-2017:1206
- https://access.redhat.com/errata/RHSA-2017:1430
- https://access.redhat.com/errata/RHSA-2017:1431
- https://access.redhat.com/errata/RHSA-2017:1441
- https://bugzilla.redhat.com/show_bug.cgi?id=1443441
- https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html
- https://security.gentoo.org/glsa/201706-03
Modified: 2025-04-20
CVE-2017-8112
hw/scsi/vmw_pvscsi.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (infinite loop and CPU consumption) via the message ring page count.
- http://www.openwall.com/lists/oss-security/2017/04/26/5
- http://www.securityfocus.com/bid/98015
- https://bugzilla.redhat.com/show_bug.cgi?id=1445621
- https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html
- https://lists.gnu.org/archive/html/qemu-devel/2017-04/msg04578.html
- https://security.gentoo.org/glsa/201706-03
- http://www.openwall.com/lists/oss-security/2017/04/26/5
- http://www.securityfocus.com/bid/98015
- https://bugzilla.redhat.com/show_bug.cgi?id=1445621
- https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html
- https://lists.gnu.org/archive/html/qemu-devel/2017-04/msg04578.html
- https://security.gentoo.org/glsa/201706-03
Modified: 2025-04-20
CVE-2017-8284
The disas_insn function in target/i386/translate.c in QEMU before 2.9.0, when TCG mode without hardware acceleration is used, does not limit the instruction size, which allows local users to gain privileges by creating a modified basic block that injects code into a setuid program, as demonstrated by procmail. NOTE: the vendor has stated "this bug does not violate any security guarantees QEMU makes.
Modified: 2025-04-20
CVE-2017-8309
Memory leak in the audio/audio.c in QEMU (aka Quick Emulator) allows remote attackers to cause a denial of service (memory consumption) by repeatedly starting and stopping audio capture.
- http://www.securityfocus.com/bid/98302
- https://access.redhat.com/errata/RHSA-2017:2408
- https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html
- https://lists.gnu.org/archive/html/qemu-devel/2017-04/msg05587.html
- https://security.gentoo.org/glsa/201706-03
- http://www.securityfocus.com/bid/98302
- https://access.redhat.com/errata/RHSA-2017:2408
- https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html
- https://lists.gnu.org/archive/html/qemu-devel/2017-04/msg05587.html
- https://security.gentoo.org/glsa/201706-03
Modified: 2025-04-20
CVE-2017-8379
Memory leak in the keyboard input event handlers support in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption) by rapidly generating large keyboard events.
- http://www.openwall.com/lists/oss-security/2017/05/03/2
- http://www.securityfocus.com/bid/98277
- https://access.redhat.com/errata/RHSA-2017:2408
- https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html
- https://lists.gnu.org/archive/html/qemu-devel/2017-04/msg05599.html
- https://security.gentoo.org/glsa/201706-03
- http://www.openwall.com/lists/oss-security/2017/05/03/2
- http://www.securityfocus.com/bid/98277
- https://access.redhat.com/errata/RHSA-2017:2408
- https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html
- https://lists.gnu.org/archive/html/qemu-devel/2017-04/msg05599.html
- https://security.gentoo.org/glsa/201706-03
Modified: 2025-04-20
CVE-2017-9330
QEMU (aka Quick Emulator) before 2.9.0, when built with the USB OHCI Emulation support, allows local guest OS users to cause a denial of service (infinite loop) by leveraging an incorrect return value, a different vulnerability than CVE-2017-6505.
- http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=26f670a244982335cc08943fb1ec099a2c81e42d
- http://www.debian.org/security/2017/dsa-3920
- http://www.openwall.com/lists/oss-security/2017/06/01/3
- http://www.securityfocus.com/bid/98779
- https://bugzilla.redhat.com/show_bug.cgi?id=1457697
- https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html
- https://security.gentoo.org/glsa/201706-03
- http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=26f670a244982335cc08943fb1ec099a2c81e42d
- http://www.debian.org/security/2017/dsa-3920
- http://www.openwall.com/lists/oss-security/2017/06/01/3
- http://www.securityfocus.com/bid/98779
- https://bugzilla.redhat.com/show_bug.cgi?id=1457697
- https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html
- https://security.gentoo.org/glsa/201706-03
Modified: 2025-04-20
CVE-2017-9373
Memory leak in QEMU (aka Quick Emulator), when built with IDE AHCI Emulation support, allows local guest OS privileged users to cause a denial of service (memory consumption) by repeatedly hot-unplugging the AHCI device.
- http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=d68f0f778e7f4fbd674627274267f269e40f0b04
- http://www.debian.org/security/2017/dsa-3920
- http://www.openwall.com/lists/oss-security/2017/06/05/1
- http://www.securityfocus.com/bid/98921
- https://access.redhat.com/errata/RHSA-2017:2392
- https://access.redhat.com/errata/RHSA-2017:2408
- https://bugzilla.redhat.com/show_bug.cgi?id=1458270
- https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html
- http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=d68f0f778e7f4fbd674627274267f269e40f0b04
- http://www.debian.org/security/2017/dsa-3920
- http://www.openwall.com/lists/oss-security/2017/06/05/1
- http://www.securityfocus.com/bid/98921
- https://access.redhat.com/errata/RHSA-2017:2392
- https://access.redhat.com/errata/RHSA-2017:2408
- https://bugzilla.redhat.com/show_bug.cgi?id=1458270
- https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html
Modified: 2025-04-20
CVE-2017-9374
Memory leak in QEMU (aka Quick Emulator), when built with USB EHCI Emulation support, allows local guest OS privileged users to cause a denial of service (memory consumption) by repeatedly hot-unplugging the device.
- http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=d710e1e7bd3d5bfc26b631f02ae87901ebe646b0
- http://www.debian.org/security/2017/dsa-3920
- http://www.openwall.com/lists/oss-security/2017/06/06/3
- http://www.securityfocus.com/bid/98905
- https://access.redhat.com/errata/RHSA-2017:2392
- https://access.redhat.com/errata/RHSA-2017:2408
- https://bugzilla.redhat.com/show_bug.cgi?id=1459132
- https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html
- http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=d710e1e7bd3d5bfc26b631f02ae87901ebe646b0
- http://www.debian.org/security/2017/dsa-3920
- http://www.openwall.com/lists/oss-security/2017/06/06/3
- http://www.securityfocus.com/bid/98905
- https://access.redhat.com/errata/RHSA-2017:2392
- https://access.redhat.com/errata/RHSA-2017:2408
- https://bugzilla.redhat.com/show_bug.cgi?id=1459132
- https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html
Modified: 2025-04-20
CVE-2017-9375
QEMU (aka Quick Emulator), when built with USB xHCI controller emulator support, allows local guest OS privileged users to cause a denial of service (infinite recursive call) via vectors involving control transfer descriptors sequencing.
- http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=96d87bdda3919bb16f754b3d3fd1227e1f38f13c
- http://www.debian.org/security/2017/dsa-3991
- http://www.openwall.com/lists/oss-security/2017/06/05/2
- http://www.securityfocus.com/bid/98915
- https://access.redhat.com/errata/RHSA-2017:2392
- https://access.redhat.com/errata/RHSA-2017:2408
- https://bugzilla.redhat.com/show_bug.cgi?id=1458744
- https://lists.debian.org/debian-lts-announce/2019/09/msg00021.html
- http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=96d87bdda3919bb16f754b3d3fd1227e1f38f13c
- http://www.debian.org/security/2017/dsa-3991
- http://www.openwall.com/lists/oss-security/2017/06/05/2
- http://www.securityfocus.com/bid/98915
- https://access.redhat.com/errata/RHSA-2017:2392
- https://access.redhat.com/errata/RHSA-2017:2408
- https://bugzilla.redhat.com/show_bug.cgi?id=1458744
- https://lists.debian.org/debian-lts-announce/2019/09/msg00021.html
Modified: 2025-04-20
CVE-2017-9503
QEMU (aka Quick Emulator), when built with MegaRAID SAS 8708EM2 Host Bus Adapter emulation support, allows local guest OS privileged users to cause a denial of service (NULL pointer dereference and QEMU process crash) via vectors involving megasas command processing.
- http://www.openwall.com/lists/oss-security/2017/06/08/1
- http://www.securityfocus.com/bid/99010
- https://bugzilla.redhat.com/show_bug.cgi?id=1459477
- https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html
- https://lists.debian.org/debian-lts-announce/2020/07/msg00020.html
- https://lists.gnu.org/archive/html/qemu-devel/2017-06/msg01309.html
- https://lists.gnu.org/archive/html/qemu-devel/2017-06/msg01313.html
- http://www.openwall.com/lists/oss-security/2017/06/08/1
- http://www.securityfocus.com/bid/99010
- https://bugzilla.redhat.com/show_bug.cgi?id=1459477
- https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html
- https://lists.debian.org/debian-lts-announce/2020/07/msg00020.html
- https://lists.gnu.org/archive/html/qemu-devel/2017-06/msg01309.html
- https://lists.gnu.org/archive/html/qemu-devel/2017-06/msg01313.html