ALT-PU-2017-2394-1
Closed vulnerabilities
BDU:2017-01803
Уязвимость в qemu-nbd эмулятора аппаратного обеспечения QEMU, позволяющая нарушителю вызвать отказ в обслуживании
BDU:2017-02081
Уязвимость функции megasas_mmio_write эмулятора аппаратного обеспечения QEMU, позволяющая нарушителю оказать неопределенное воздействие
Modified: 2024-11-21
CVE-2017-10664
qemu-nbd in QEMU (aka Quick Emulator) does not ignore SIGPIPE, which allows remote attackers to cause a denial of service (daemon crash) by disconnecting during a server-to-client reply attempt.
- DSA-3920
- DSA-3920
- [oss-security] 20170629 CVE-2017-10664 Qemu: qemu-nbd: server breaks with SIGPIPE upon client abort
- [oss-security] 20170629 CVE-2017-10664 Qemu: qemu-nbd: server breaks with SIGPIPE upon client abort
- 99513
- 99513
- RHSA-2017:2390
- RHSA-2017:2390
- RHSA-2017:2445
- RHSA-2017:2445
- RHSA-2017:3466
- RHSA-2017:3466
- RHSA-2017:3470
- RHSA-2017:3470
- RHSA-2017:3471
- RHSA-2017:3471
- RHSA-2017:3472
- RHSA-2017:3472
- RHSA-2017:3473
- RHSA-2017:3473
- RHSA-2017:3474
- RHSA-2017:3474
- https://bugzilla.redhat.com/show_bug.cgi?id=1466190
- https://bugzilla.redhat.com/show_bug.cgi?id=1466190
- [debian-lts-announce] 20181130 [SECURITY] [DLA 1599-1] qemu security update
- [debian-lts-announce] 20181130 [SECURITY] [DLA 1599-1] qemu security update
- [qemu-devel] 20170611 [PATCH] qemu-nbd: Ignore SIGPIPE
- [qemu-devel] 20170611 [PATCH] qemu-nbd: Ignore SIGPIPE
Modified: 2024-11-21
CVE-2017-12809
QEMU (aka Quick Emulator), when built with the IDE disk and CD/DVD-ROM Emulator support, allows local guest OS privileged users to cause a denial of service (NULL pointer dereference and QEMU process crash) by flushing an empty CDROM device drive.
- DSA-3991
- DSA-3991
- [oss-security] 20170821 CVE-2017-12809 Qemu: ide: flushing of empty CDROM drives leads to NULL dereference
- [oss-security] 20170821 CVE-2017-12809 Qemu: ide: flushing of empty CDROM drives leads to NULL dereference
- 100451
- 100451
- [qemu-devel] 20170809 [Qemu-devel] [PATCH 1/2] IDE: Do not flush empty CDROM drives
- [qemu-devel] 20170809 [Qemu-devel] [PATCH 1/2] IDE: Do not flush empty CDROM drives
Modified: 2024-11-21
CVE-2017-13672
QEMU (aka Quick Emulator), when built with the VGA display emulator support, allows local guest OS privileged users to cause a denial of service (out-of-bounds read and QEMU process crash) via vectors involving display update.
- openSUSE-SU-2019:1074
- openSUSE-SU-2019:1074
- DSA-3991
- DSA-3991
- [oss-security] 20170830 CVE-2017-13672 Qemu: vga: OOB read access during display update
- [oss-security] 20170830 CVE-2017-13672 Qemu: vga: OOB read access during display update
- 100540
- 100540
- RHSA-2018:0816
- RHSA-2018:0816
- RHSA-2018:1104
- RHSA-2018:1104
- RHSA-2018:1113
- RHSA-2018:1113
- RHSA-2018:2162
- RHSA-2018:2162
- https://bugzilla.redhat.com/show_bug.cgi?id=1486560
- https://bugzilla.redhat.com/show_bug.cgi?id=1486560
- [qemu-devel] 20170824 [PATCH] vga: stop passing pointers to vga_draw_line* functions
- [qemu-devel] 20170824 [PATCH] vga: stop passing pointers to vga_draw_line* functions
- USN-3575-1
- USN-3575-1
Modified: 2024-11-21
CVE-2017-8380
Buffer overflow in the "megasas_mmio_write" function in Qemu 2.9.0 allows remote attackers to have unspecified impact via unknown vectors.